From 488d9acc92a4485069870db598b1351808759660 Mon Sep 17 00:00:00 2001 From: Arjen Huitema Date: Fri, 2 Aug 2024 10:37:05 +0200 Subject: [PATCH 1/3] Initial auto-generated policy --- ..._23ac19cb-5eff-4cfa-9817-93466e1a94f7.json | 333 ++++++++++ ..._b9f2fe91-023a-443c-b376-b12f0cd5d965.json | 333 ++++++++++ ..._0289bc11-db65-4a58-91ed-fda8637322ec.json | 333 ++++++++++ ..._ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json | 333 ++++++++++ ..._fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json | 333 ++++++++++ ..._6b1dd1ae-05de-43d2-bdea-7981c49127fc.json | 333 ++++++++++ ..._52cd4aba-4ad0-402a-880d-ba625ebcf37f.json | 333 ++++++++++ ..._1f8626fe-812a-48a7-b237-2f9181a5ea12.json | 333 ++++++++++ ..._2e16fd84-d92f-44ee-8191-ff47e90a9526.json | 333 ++++++++++ ..._a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json | 333 ++++++++++ ..._c0c3e784-f488-43a6-a423-18dbb444d443.json | 333 ++++++++++ ..._94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json | 333 ++++++++++ ..._b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json | 333 ++++++++++ ..._a9e1306a-a541-423f-a69e-bd37f8f5013a.json | 333 ++++++++++ ..._423b4280-1f68-49d8-b11a-6a816b0d9172.json | 333 ++++++++++ ..._0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json | 333 ++++++++++ ..._74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json | 333 ++++++++++ ..._49e7f58f-4910-4d2f-8589-573e8a65c6dd.json | 333 ++++++++++ ..._c521bf0d-efec-4d3a-8541-d8749915bfd4.json | 333 ++++++++++ ..._b40fdb04-cada-4870-80f3-317afc57e5fb.json | 333 ++++++++++ ..._8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json | 333 ++++++++++ ..._f49539ff-35b1-4d83-8541-e3cf49b383e5.json | 333 ++++++++++ ..._70b8ce6d-0d28-4997-84df-957791877eec.json | 333 ++++++++++ ..._6c9857e4-7d6b-4384-80da-b88a2e6858ac.json | 333 ++++++++++ ..._af750dfc-62e5-4b74-9514-ca419d800590.json | 333 ++++++++++ ..._24c5276b-77b1-48ab-a8c1-15844b11e0aa.json | 333 ++++++++++ ..._7072ba94-41d2-4584-89ab-a5824ed045f4.json | 333 ++++++++++ ..._b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json | 333 ++++++++++ ..._82cb3ad7-d44f-4131-9078-5aac82d3333a.json | 333 ++++++++++ ..._cc764431-e1b0-4455-94b1-b66d32cc54b4.json | 333 ++++++++++ ..._f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json | 333 ++++++++++ ..._24b37318-9353-4424-9d8e-ac28450328b6.json | 333 ++++++++++ ..._8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json | 333 ++++++++++ ..._837ecf42-3f25-41ae-b97d-34193f0669da.json | 333 ++++++++++ ..._1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json | 333 ++++++++++ ..._aecc75bf-f961-4c22-86e9-84c5039a2938.json | 333 ++++++++++ ..._d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json | 333 ++++++++++ ..._5e8aaa27-e5b3-4774-9807-af61ec96b001.json | 333 ++++++++++ ..._c42138d4-bb4c-4171-8802-ba44d671d72f.json | 333 ++++++++++ ..._c47441d4-7061-4acd-8ad8-69e52d00557c.json | 333 ++++++++++ ..._cf6babc2-f623-4f12-a352-c30a02bcb6c6.json | 333 ++++++++++ ..._5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json | 333 ++++++++++ ..._87fe8679-655d-4acb-a37c-b7faebe26d47.json | 333 ++++++++++ ..._ec8c928a-5206-4059-8aea-8486004dd30d.json | 333 ++++++++++ ..._d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json | 333 ++++++++++ ..._3c550d9c-8276-4a61-b0cf-ef437a55e299.json | 333 ++++++++++ ..._80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json | 333 ++++++++++ ..._287a29bf-097d-4c4a-9ac5-df70a10f6903.json | 333 ++++++++++ ..._07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json | 333 ++++++++++ ..._e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json | 333 ++++++++++ ..._e98657ed-8a0b-4992-9d20-a54e2d6065ef.json | 333 ++++++++++ ..._d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json | 333 ++++++++++ ..._a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json | 333 ++++++++++ ..._ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json | 350 +++++++++++ ..._dce1cda8-1dab-4941-b607-1d5d449709d5.json | 350 +++++++++++ ..._86991e6e-efc9-4898-adf8-4e8e3a60c57e.json | 333 ++++++++++ ..._f0e94112-5509-47b6-8def-91fb5ca5d0cd.json | 333 ++++++++++ ..._87dfe717-217f-4447-b59a-7ea39160b83a.json | 333 ++++++++++ ..._98de2aed-3493-4e65-919b-b1f8e6995819.json | 333 ++++++++++ ..._55dc79f4-5666-420f-8c53-141d73e01fee.json | 333 ++++++++++ ..._d336cfa2-724e-419a-809d-c716741d5279.json | 333 ++++++++++ ..._310c2a27-8933-434e-a366-cb35831cde44.json | 333 ++++++++++ ..._6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json | 333 ++++++++++ ..._b0bd7c37-eb24-47c2-a032-f925594152ed.json | 333 ++++++++++ ..._bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json | 333 ++++++++++ ..._69912da3-8d8d-4d57-884a-97c2bdd03bdd.json | 526 ++++++++++++++++ ..._a407ae10-6263-449c-81b9-172760d6dc6d.json | 333 ++++++++++ ..._821888a1-6490-4a2d-8850-bdc45057a853.json | 333 ++++++++++ ..._b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json | 333 ++++++++++ ..._5dbf3a3d-7f08-4deb-a153-129c3485da84.json | 550 +++++++++++++++++ ..._b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json | 333 ++++++++++ ..._9b0f41af-1c52-4890-a23a-3bfebfee1154.json | 333 ++++++++++ ..._040bc9c3-da5c-4fd0-b160-979ce89364ae.json | 333 ++++++++++ ..._abddd643-e7c7-411c-b13a-64fdbb406cc8.json | 567 +++++++++++++++++ ..._3c5518ea-9a0f-44ff-b197-47b3d6db060b.json | 333 ++++++++++ ..._e45d685d-14c4-4422-8096-6f11d628fb20.json | 333 ++++++++++ ..._5c51e187-5b5d-428d-98d8-fb9ab4fea646.json | 567 +++++++++++++++++ ..._326b359d-e0a2-4055-8e1f-f9c5f9df5599.json | 333 ++++++++++ ..._b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json | 333 ++++++++++ ..._8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json | 333 ++++++++++ ..._b1cc650c-24fe-4f9e-a2ec-5757816526c0.json | 333 ++++++++++ ..._edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json | 333 ++++++++++ ..._6de4e570-4270-4e9b-949e-5680b061e7fd.json | 333 ++++++++++ ..._ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json | 333 ++++++++++ ..._e2028144-b142-445c-b544-3bb438537c8f.json | 333 ++++++++++ ..._b565e73f-71c8-4bb3-a792-903b67775497.json | 567 +++++++++++++++++ ..._552ca1f1-d69d-4bc2-b044-19f81b225fd4.json | 567 +++++++++++++++++ ..._f7e19635-0118-4040-83d5-2f4c2150aef1.json | 333 ++++++++++ ..._dca7af9f-cad2-4751-a61f-77d92c2ce523.json | 568 ++++++++++++++++++ ..._a2bf3c43-d327-473b-9204-f77e2a0fe398.json | 333 ++++++++++ ..._916dc60b-b2d2-4708-9fa4-6a36b244f499.json | 333 ++++++++++ ..._36262245-4c8a-4143-9ab4-68e9c23ae19a.json | 333 ++++++++++ ..._299ce963-728a-48c8-8b7d-e05b5f8a8f38.json | 568 ++++++++++++++++++ ..._929b095e-5ea1-48b4-bf4e-bfc1a941a908.json | 333 ++++++++++ ..._37d9da12-88e6-4c01-8772-384920d34458.json | 568 ++++++++++++++++++ ..._3be4037a-c692-402d-843d-b3fe43053edf.json | 333 ++++++++++ ..._a477bf96-4b0f-471c-b5d3-0acdb59612e6.json | 333 ++++++++++ ..._a9bac9fd-2382-4ce1-b68b-8898caf45038.json | 333 ++++++++++ ..._56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json | 509 ++++++++++++++++ ..._eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json | 333 ++++++++++ ..._c878115f-2a89-446e-8980-ef4f152120c5.json | 333 ++++++++++ ..._e3981e7b-fd8b-4e07-bb68-d598c020c12d.json | 333 ++++++++++ ..._765ceb5b-ec1d-44d7-b94d-bb139030df81.json | 333 ++++++++++ ..._3fa5376a-705a-48e4-b314-6282a74c9f7c.json | 333 ++++++++++ ..._970af9d6-9212-420d-af7b-4fbd790a2596.json | 350 +++++++++++ ..._4758386e-12ee-411a-9e49-445b5c5c3051.json | 350 +++++++++++ ..._8beff742-9cd8-43ed-9680-57ae35bee6e8.json | 350 +++++++++++ ..._5b26b965-2662-4a89-9d7e-771486357f39.json | 350 +++++++++++ ..._42995506-5bd2-4687-9316-d9399919990b.json | 333 ++++++++++ ..._fa9efde4-3586-4595-a442-b7e97f70fe91.json | 333 ++++++++++ ..._b8c8a846-a8d0-4e8f-b854-030955a20135.json | 333 ++++++++++ ..._9dca87c2-de00-40fd-b0bb-c8335e5f978a.json | 333 ++++++++++ ..._49fd8bac-d061-459d-8d80-a048c4c8ba56.json | 333 ++++++++++ ..._301ca0e3-fc88-4285-be99-a2a587c412f5.json | 333 ++++++++++ ..._64a872f9-5ec6-4121-acad-edd12f4c3466.json | 333 ++++++++++ ..._14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json | 333 ++++++++++ ..._ebbbbb92-5208-4d52-b407-6bea8e4473b9.json | 333 ++++++++++ ..._e38e6e11-ac88-4014-98c8-8e64f70b832a.json | 333 ++++++++++ ..._cebf00b7-7294-4cf7-bc50-108f999d0c67.json | 333 ++++++++++ ..._1303e91d-bc80-4ec2-937e-1d179fc32b43.json | 333 ++++++++++ ..._aa3c5697-5cca-4c16-a37e-94f1d580701e.json | 333 ++++++++++ ..._e89e023e-117b-4db4-bfb2-853849e273f5.json | 333 ++++++++++ ..._9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json | 333 ++++++++++ ..._0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json | 333 ++++++++++ ..._13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json | 333 ++++++++++ ..._faf01668-c98a-4755-ae74-9dd4151f4c39.json | 333 ++++++++++ ..._ef38051a-d9e3-4705-b208-29a421e729be.json | 333 ++++++++++ ..._269d640c-b6ba-45e1-a52f-67708f9f99d7.json | 333 ++++++++++ ..._347674ce-8534-403d-8281-cac9ea6f412a.json | 333 ++++++++++ ..._218161be-4952-495b-aed1-03cccda3d42f.json | 333 ++++++++++ ..._a3601973-f48c-4bf2-8384-90d250702a79.json | 333 ++++++++++ ..._757e2adf-60b8-4688-ae8f-03dd7dcd5226.json | 333 ++++++++++ ..._dfe563fc-0ec1-401d-a362-8d293a06d02b.json | 333 ++++++++++ ..._f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json | 333 ++++++++++ ..._e6771f44-f6d3-4a27-a9e4-b402a79c2891.json | 333 ++++++++++ ..._60453255-5e0e-4fa5-95b5-6c449bee6902.json | 333 ++++++++++ ..._f0767b27-b88b-46a1-ab90-37dc8c399358.json | 333 ++++++++++ ..._173e6b88-e8a9-4763-becb-9c749878c767.json | 333 ++++++++++ ..._978944c7-a049-4847-8483-dcf5baa92f6a.json | 333 ++++++++++ ..._3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json | 333 ++++++++++ ..._85466088-8eb2-4faa-81f2-1ea40d8b6953.json | 333 ++++++++++ ..._af2b7bbb-9476-475a-b523-da3ee521eda7.json | 333 ++++++++++ ..._4f988eb2-c420-4ef2-82ed-2569b21b70e1.json | 333 ++++++++++ ..._f9b59221-8055-449e-bfd5-7a056945c694.json | 333 ++++++++++ ..._5f9cdad0-db39-48c9-a4eb-3107b5b79414.json | 333 ++++++++++ ..._389057c9-a0e0-4327-b89f-58c3dabb519d.json | 333 ++++++++++ ..._1904dd93-9655-403f-bb89-dc42e5ebc666.json | 333 ++++++++++ ..._5856ad80-7256-441f-8a62-af1fdc712018.json | 333 ++++++++++ ..._eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json | 333 ++++++++++ ..._b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json | 333 ++++++++++ ..._1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json | 333 ++++++++++ ..._0c64aa8f-4bdb-4bb0-961c-d298000536af.json | 333 ++++++++++ ..._d389ee62-f431-4faa-a4bc-4a3d02cea182.json | 333 ++++++++++ ..._e397645f-359b-46d1-8182-d2cabab71aae.json | 333 ++++++++++ ..._186c5227-a9f4-4cd0-a355-c8d28f359398.json | 333 ++++++++++ ..._0a6de1a0-e4df-470f-9bc7-247838fc428c.json | 333 ++++++++++ ..._a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json | 333 ++++++++++ ..._ea7248bd-f96c-4391-ac48-c95312441028.json | 333 ++++++++++ ..._1d53e3ac-e98a-426c-81f1-aa1834c49692.json | 333 ++++++++++ ..._90c0997a-f96e-4a34-87c7-c394c6e8b940.json | 333 ++++++++++ ..._56a13163-c2b6-4235-96bd-ef1e373b19ba.json | 333 ++++++++++ ..._e031f8bf-ed3f-4a41-87fe-b301c1d02367.json | 333 ++++++++++ ..._980f53cb-3eef-4263-952e-e69709e2a6e7.json | 333 ++++++++++ ..._321c2df7-c548-4e06-8729-8132b4dc3386.json | 333 ++++++++++ ..._08bfad59-0c23-4e6b-b577-e325f445a2cc.json | 333 ++++++++++ ..._e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json | 333 ++++++++++ ..._4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json | 333 ++++++++++ ..._473c5450-95cc-4f86-bb8a-d0a06edd1357.json | 333 ++++++++++ ..._71d5d464-ae1c-4383-835f-bb7369e307ea.json | 333 ++++++++++ ..._a678b284-d23b-46e4-a8fa-75bb744a53bb.json | 333 ++++++++++ ..._f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json | 333 ++++++++++ ..._df4f3e6f-757e-4fa0-a411-b2cdf4039649.json | 333 ++++++++++ ..._2dd0b760-3235-479d-86d4-c152ca76b7e8.json | 333 ++++++++++ ..._47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json | 333 ++++++++++ ..._740b104c-1ad2-4ef7-bafc-c98f22551548.json | 333 ++++++++++ ..._5f2a0272-792a-4cdd-ba94-9f46db438a0e.json | 333 ++++++++++ ..._c30b6089-59c5-4452-b382-d33152be9b03.json | 333 ++++++++++ ..._9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json | 333 ++++++++++ ..._b8286cfa-9f86-4309-954b-ef69a6d8982d.json | 333 ++++++++++ ..._d78fc655-68ca-4877-ac60-7fc805f1ae94.json | 333 ++++++++++ ..._d5a028d1-ae0e-4349-8a79-630f891c8235.json | 333 ++++++++++ ..._65deae31-85e8-477a-b17e-50d2d10cd7b0.json | 333 ++++++++++ ..._85de8003-c1d8-4cd1-80b5-e125399ef293.json | 333 ++++++++++ ..._0914c189-0adc-45d6-8704-d2ae73b9b7b6.json | 333 ++++++++++ ..._3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json | 333 ++++++++++ ..._9bae539a-12ed-46e2-b105-101ce036c9a4.json | 333 ++++++++++ ..._0cb53be3-76b5-44be-9f32-bcc821be34b6.json | 333 ++++++++++ ..._f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json | 333 ++++++++++ ..._9c41c539-b81b-4917-b04a-e67225f78e75.json | 333 ++++++++++ ..._228e104f-002a-441d-91ec-6140f233c1a4.json | 333 ++++++++++ ..._cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json | 333 ++++++++++ ..._28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json | 333 ++++++++++ ..._ee10b769-b38b-44d1-9fd3-926b8dca4c41.json | 333 ++++++++++ ..._faf5510e-28b7-42c9-8ad1-de68a5737eaf.json | 333 ++++++++++ ..._a7958120-a386-46d0-9790-e80bfa72fb22.json | 333 ++++++++++ ..._14fc7c6b-484f-427f-a1d2-94cded799f88.json | 333 ++++++++++ ..._2a1deb2d-1fc0-499b-a828-04aeece855fe.json | 333 ++++++++++ ..._d4d7685a-ce55-4709-a847-747d02165cb7.json | 333 ++++++++++ ..._51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json | 333 ++++++++++ ..._c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json | 333 ++++++++++ ..._6584a39d-0795-4132-8c33-376d3926d21b.json | 333 ++++++++++ ..._fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json | 333 ++++++++++ ..._343258f9-4bb2-41fb-abfa-d04ea62a6aad.json | 333 ++++++++++ ..._95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json | 333 ++++++++++ ..._e9561f89-282e-4145-b5cc-8485a7fc987c.json | 333 ++++++++++ ..._230c0173-8b36-4412-9617-3e096886a403.json | 333 ++++++++++ ..._8875590a-9f72-49a2-807f-62437f8079b1.json | 333 ++++++++++ ..._2959b52d-6756-480d-9193-b2c0c4c5d305.json | 333 ++++++++++ ..._2ca39ff3-6f87-438c-81f6-7ce51f70902f.json | 333 ++++++++++ ..._4f1964ce-6938-499a-af3d-bb746aaff72a.json | 333 ++++++++++ ..._a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json | 333 ++++++++++ ..._26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json | 333 ++++++++++ ..._46a66177-c487-4ed1-b2fc-19c0bf52b168.json | 333 ++++++++++ ..._c67b86dc-74d5-4ea1-882e-de257d054ff3.json | 333 ++++++++++ ..._237493ef-15c0-4e87-80bc-f8c59dd897ce.json | 333 ++++++++++ ..._48581aa9-53ee-4467-b04c-402061fe40e8.json | 333 ++++++++++ ..._1684f387-04e6-440c-a931-f57efdc84cd2.json | 333 ++++++++++ ..._b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json | 333 ++++++++++ ..._30ba09b3-4e96-403d-a295-8f37788914aa.json | 333 ++++++++++ ..._75dbbcf0-d6ae-401f-8765-ba643385da9b.json | 333 ++++++++++ ..._f68ed392-7179-419d-8ee6-3813ea10866b.json | 260 ++++++++ ..._a3c8bcb4-22ca-45be-92f7-605f232ecec2.json | 333 ++++++++++ ..._dc852755-e5df-4fd0-83ac-cbbc516f60b3.json | 333 ++++++++++ ..._7b52bf07-3d86-4429-b5d4-829a6a5542df.json | 333 ++++++++++ ..._2651f57f-ac74-44f3-8511-c245488134f8.json | 333 ++++++++++ ..._14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json | 350 +++++++++++ ..._422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json | 333 ++++++++++ ..._cae6ec0a-a26d-494b-94b2-3d93dcedff42.json | 333 ++++++++++ ..._8493c362-2524-4079-9025-8f5ffee62936.json | 333 ++++++++++ ..._6c4213c5-743f-48b8-b957-dd26fbf8809e.json | 333 ++++++++++ ..._188fc0b5-a686-48a7-950f-76f183ba49d6.json | 333 ++++++++++ ..._b131dc45-d6ac-4521-8206-a365ac2dbe52.json | 333 ++++++++++ ..._d8bf77d2-8572-4392-8097-5e84f136513d.json | 350 +++++++++++ ..._5aa5790b-2bff-40b0-9099-38485b9a9e0a.json | 333 ++++++++++ ..._514f695a-4f11-4a28-9516-f7f3b5b1c53b.json | 333 ++++++++++ ..._c4864d80-dd28-4344-a135-03b600920c06.json | 333 ++++++++++ ..._eb44cbdc-a259-4354-9b54-2bc72f811440.json | 333 ++++++++++ ..._6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json | 333 ++++++++++ ..._346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json | 333 ++++++++++ ..._9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json | 333 ++++++++++ ..._a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json | 333 ++++++++++ ..._5d020d4d-9359-4ecd-934a-409d0e4a5abd.json | 350 +++++++++++ ..._350cc22f-d202-4c7c-9239-cbdb3b71e14b.json | 333 ++++++++++ ..._8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json | 333 ++++++++++ ..._16c2d231-f28b-4146-9aa3-57d419eb8780.json | 333 ++++++++++ ..._85bb464e-d9ce-496a-a66d-4c6d28d808df.json | 333 ++++++++++ ..._114f7c8e-e285-487d-9e50-7fe160769167.json | 350 +++++++++++ ..._42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json | 333 ++++++++++ ..._0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json | 333 ++++++++++ ..._cb35fd68-9568-42f9-b527-44e77726b100.json | 333 ++++++++++ ..._c897902c-40a5-497b-a0ce-86c3eda7c61d.json | 333 ++++++++++ ..._c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json | 333 ++++++++++ ..._65d02c68-e50f-4a0e-9de9-0d52edea4af0.json | 333 ++++++++++ ..._9f91c6f3-e93e-4510-b72b-8678f6d38014.json | 333 ++++++++++ ..._30b0cb86-ba8b-4eeb-9067-88456ec403ad.json | 333 ++++++++++ ..._cb7001d3-8a0e-41ed-b281-44fee5379f06.json | 333 ++++++++++ ..._075f0066-51f6-4c36-8000-ce7070493674.json | 333 ++++++++++ ..._27768691-301d-4938-bd8a-85598c2b50c6.json | 333 ++++++++++ ..._1be09484-96ee-4399-8ed4-35f5f4b5c23e.json | 333 ++++++++++ ..._d474e6d2-0b9a-4912-ae61-16dc23126b3f.json | 333 ++++++++++ ..._149f6b6c-4729-4da4-af00-bccbb1cce9ae.json | 333 ++++++++++ ..._73fa1878-d22d-4e8d-922d-9f146454cc40.json | 333 ++++++++++ ..._d5827f03-efb6-4257-96e2-b6e34e3bef7e.json | 333 ++++++++++ ..._e636b3ea-da2d-42f5-aedf-12b69432ac1f.json | 333 ++++++++++ ..._3cbcad15-0bb6-423e-87c1-4d40722103d6.json | 333 ++++++++++ ..._57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json | 350 +++++++++++ ..._c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json | 333 ++++++++++ ..._d43ca9ef-6211-40ff-972e-fffb17923fc9.json | 333 ++++++++++ ..._e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json | 333 ++++++++++ ..._9c8be4c5-5ba3-47ef-8a0a-97144734a336.json | 333 ++++++++++ ..._695b9710-e432-4521-9042-36287f0fc5ba.json | 333 ++++++++++ ..._e77b6820-e115-4e33-97c1-9bb902eec3b2.json | 333 ++++++++++ ..._73afde26-bd0c-4c31-8801-5b2444629448.json | 333 ++++++++++ ..._f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json | 333 ++++++++++ ..._6d77d848-23b1-4ff4-b9de-d421845d9566.json | 333 ++++++++++ ..._7640663c-b2f7-41bf-9419-be5e8cfdf74e.json | 333 ++++++++++ ..._06982a17-4def-405d-bb59-4ecfb6486f9e.json | 333 ++++++++++ ..._c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json | 333 ++++++++++ ..._0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json | 260 ++++++++ ..._0ff72493-3822-4315-a146-8977a0963e39.json | 333 ++++++++++ ..._b23f1e82-a791-4610-aaa6-2d960b48b81d.json | 333 ++++++++++ ..._e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json | 333 ++++++++++ ..._afd848a8-8b18-410c-bcc1-1b6f06a5a231.json | 333 ++++++++++ ..._0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json | 333 ++++++++++ ..._2c288e52-422b-4f7e-85cf-feb3d08a1602.json | 333 ++++++++++ ..._494aa5d6-444d-4c86-9de5-431b3e12a233.json | 333 ++++++++++ ..._b050d767-098e-4947-aa88-2a3090e62eab.json | 333 ++++++++++ ..._0d1709ed-805e-4ca1-8490-f2d6b393e92f.json | 350 +++++++++++ ..._dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json | 333 ++++++++++ ..._efc101c0-0623-4928-86a7-6f2d37faf24b.json | 333 ++++++++++ ..._37302f31-86e2-45c8-a39f-d0b41c1271df.json | 333 ++++++++++ ..._2e4ae517-3d35-4677-a4b0-441ca19e7670.json | 333 ++++++++++ ..._cc428042-1a21-43f7-b5f8-598dea50f4a2.json | 333 ++++++++++ ..._d56551a8-1355-4aa3-871e-e20e1ce40f05.json | 350 +++++++++++ ..._5808dbdb-712e-4bd3-b92e-4a08388c32c6.json | 350 +++++++++++ ..._afc45643-7bd3-4321-9924-ac710bb78f88.json | 333 ++++++++++ ..._47fe6c76-47a0-433f-92d6-a23d9f573771.json | 333 ++++++++++ ..._8a586e59-0f53-41bd-8406-174f9f0ecf7e.json | 333 ++++++++++ ..._ff147700-c9e6-4063-bb23-45500c00067a.json | 333 ++++++++++ ..._4d5c7854-e044-4dd6-971b-df433fa3ad37.json | 333 ++++++++++ ..._af1ba971-9b73-4b7f-8040-5eff9f5778d5.json | 333 ++++++++++ ..._0fac138d-cf48-4dc2-ac02-053d0b24e620.json | 333 ++++++++++ ..._08dad105-6416-4348-9feb-339f73e24262.json | 333 ++++++++++ ..._ca29484c-b6e5-467e-984d-567e262380d7.json | 333 ++++++++++ ..._bf37971c-60f4-4652-a059-7607b1d6d31b.json | 333 ++++++++++ ..._ceaeccae-ffa5-4c8c-8415-c7be8266977d.json | 333 ++++++++++ ..._378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json | 333 ++++++++++ ..._dee0e83f-8d5c-4735-9730-1a850354e4b1.json | 333 ++++++++++ ..._15a67b66-30eb-4d0f-aa98-7350304347d0.json | 333 ++++++++++ ..._a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json | 333 ++++++++++ ..._5ec4f863-ec6f-4fe8-b258-a53b3183138a.json | 333 ++++++++++ ..._1987b5a9-bbc3-43c6-af35-cd69e61fe043.json | 333 ++++++++++ ..._5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json | 333 ++++++++++ ..._d15179b2-4b57-41e4-997b-dc7c380963d9.json | 333 ++++++++++ ..._a39efd3b-04ef-48d4-a862-053092bdd6e5.json | 333 ++++++++++ ..._055c20da-0d21-4c6a-a80b-f2c4b3887804.json | 333 ++++++++++ ..._d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json | 333 ++++++++++ ..._94c90db6-8fd7-460c-b704-c2a429913376.json | 333 ++++++++++ ..._39d3123b-daaa-4f70-97a3-8a4f326104af.json | 333 ++++++++++ ..._a92cb746-f19f-450b-b413-8b9710b0176b.json | 333 ++++++++++ ..._b239797f-e627-4e48-8609-94db72098c3d.json | 333 ++++++++++ ..._e1808855-9a4d-464d-b75a-a41183c520bd.json | 333 ++++++++++ ..._7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json | 333 ++++++++++ ..._53bb49ec-ed5b-40c3-999b-efefa9be4536.json | 333 ++++++++++ ..._4c2e410b-644e-4331-a55c-19bfdc3e4754.json | 333 ++++++++++ ..._c57f27b1-151c-4d27-a77e-b85547d817f7.json | 333 ++++++++++ ..._4c54dd21-b5ce-4185-aa70-605b167f168f.json | 260 ++++++++ ..._61cbc62a-1382-4581-850f-4ea69d8a9615.json | 333 ++++++++++ ..._7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json | 333 ++++++++++ ..._1744119b-cabb-4ac4-97c6-a61249a6c5be.json | 333 ++++++++++ ..._370ff9a8-11ea-469a-9f52-b1c39d61c39d.json | 333 ++++++++++ ..._4d219611-6487-4fcf-9bac-29cd9e5046a9.json | 333 ++++++++++ ..._95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json | 333 ++++++++++ ..._b410b69e-8bd5-44fe-899d-f4d5dce9931a.json | 333 ++++++++++ ..._e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json | 333 ++++++++++ ..._c064753f-ea6a-4940-b603-975adb5127ae.json | 333 ++++++++++ ..._652acaf1-c5a1-4a88-b3bb-822a14dece19.json | 333 ++++++++++ ..._cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json | 333 ++++++++++ ..._a78addf1-4632-4fc2-9afc-d1fb75049872.json | 333 ++++++++++ ..._54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json | 333 ++++++++++ ..._529b0b1f-46fc-423f-94ab-dd71dd7894e2.json | 333 ++++++++++ ..._8020f41e-ca61-43b4-88ca-f520057dfa92.json | 333 ++++++++++ ..._27181c58-ca7a-433f-a0ee-a7a33102cb36.json | 333 ++++++++++ ..._7f4c355a-5411-4400-826a-b82007bbd83d.json | 333 ++++++++++ ..._6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json | 260 ++++++++ ..._dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json | 333 ++++++++++ ..._f4699243-1ba2-49a8-85f8-c4a22a563925.json | 333 ++++++++++ ..._88642ff7-6c08-486a-9bf2-37764d5bf6a3.json | 333 ++++++++++ ..._4c3c25d2-7473-4d0c-9174-609162571859.json | 333 ++++++++++ ..._56491bc7-1267-42a2-92c6-fe9efe822ff1.json | 333 ++++++++++ ..._09bb7f01-a715-437d-b692-325f89e1869e.json | 333 ++++++++++ ..._092f6e09-1eb5-436d-b7c2-eadb70318920.json | 333 ++++++++++ ..._6f02e3e8-9bfa-4312-a352-6506139e3dba.json | 350 +++++++++++ ..._ca909c09-89c4-467e-bdca-9140e72d6c82.json | 350 +++++++++++ ..._a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json | 333 ++++++++++ ..._b511650f-535c-45d1-a089-0ea402245deb.json | 350 +++++++++++ ..._1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json | 350 +++++++++++ ..._72dea6f4-858c-423f-8189-406aac7d20ac.json | 333 ++++++++++ ..._50c8313a-bbe7-4981-8eee-4b4d44fda37f.json | 259 ++++++++ ..._b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json | 333 ++++++++++ ..._d74fd111-125f-45b8-8bbc-e23bd40aa869.json | 333 ++++++++++ ..._cd3b834d-f34f-4a67-af01-b1c5d32195a9.json | 333 ++++++++++ ..._c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json | 350 +++++++++++ ..._7b361791-127e-4a6f-9c1b-c8d9f41ec223.json | 350 +++++++++++ ..._a05d97b8-37b9-4100-a860-d57363aaaf5f.json | 333 ++++++++++ ..._c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json | 350 +++++++++++ ..._7affb4da-2058-4f12-b15b-ca58e92b63e5.json | 350 +++++++++++ ..._63cdfaa7-f029-4c4b-8f34-fff71fe401af.json | 259 ++++++++ ..._04a98577-458a-4a5d-88b2-22b2d140f9f3.json | 260 ++++++++ ..._99ba0b14-4b3c-49b5-8763-3161b9aae538.json | 333 ++++++++++ ..._b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json | 333 ++++++++++ ..._91044c16-83bc-457f-80a9-360bad5dedb4.json | 333 ++++++++++ ..._8b472051-ff68-4059-9e50-243bfb64bae4.json | 333 ++++++++++ ..._aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json | 333 ++++++++++ ..._60ec2790-dc83-419c-bdb5-38da9a477c68.json | 350 +++++++++++ ..._de6d5087-bc5a-474f-9319-248a3c03ab44.json | 350 +++++++++++ ..._a70e406c-a0ae-4e0f-99cd-8b0836812c59.json | 333 ++++++++++ ..._08a4f049-9bb8-45d0-9dfb-320f385cc71f.json | 333 ++++++++++ ..._30b462dd-d026-4122-9bcf-3a114517e04c.json | 333 ++++++++++ ..._969677fe-d1e0-42f6-92af-c9269780411b.json | 333 ++++++++++ ..._db621663-ec0a-4fa3-82a7-b6b110726568.json | 333 ++++++++++ ..._1116a5eb-9e12-415a-af46-fad552421d36.json | 333 ++++++++++ ..._732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json | 333 ++++++++++ ..._88b7198b-32a5-4ae2-aaa5-7925066cc08c.json | 333 ++++++++++ ..._0c416177-e7ce-40d5-8f15-8566b3d7c03c.json | 333 ++++++++++ ..._593b6885-3fb8-4562-89f1-8b0b68649185.json | 350 +++++++++++ ..._76583e85-8be6-4d02-8e09-aff0ce8574f8.json | 350 +++++++++++ ..._af5d055f-0e1f-4c48-808a-d21f8268357d.json | 333 ++++++++++ ..._171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json | 333 ++++++++++ ..._49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json | 333 ++++++++++ ..._04f64694-48a2-48ee-9455-ccce8e59b66f.json | 333 ++++++++++ ..._b8140cdb-5492-4177-881f-8668372947a8.json | 333 ++++++++++ ..._0b608189-b028-4851-8854-9ce1a48c3dd6.json | 333 ++++++++++ ..._83703f70-9ea8-44aa-b88a-a8e56eb42858.json | 333 ++++++++++ ..._2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json | 333 ++++++++++ ..._8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json | 333 ++++++++++ ..._aa56c6a8-87b3-4291-bdff-7996948c3155.json | 82 +++ ..._805aa9c8-4d52-411d-9811-cc02b33952e3.json | 333 ++++++++++ ..._25a1c11a-3ec4-47aa-b67e-f359fd14483a.json | 333 ++++++++++ ..._afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json | 408 +++++++++++++ ..._7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json | 399 ++++++++++++ ..._f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json | 399 ++++++++++++ ..._26a33edf-0698-424d-aae2-6bcd5af323d5.json | 399 ++++++++++++ ..._89dbd4e4-f709-47c6-a243-4207678c8473.json | 399 ++++++++++++ ..._d3985fe5-c7f0-47a1-b52e-26098345a433.json | 333 ++++++++++ ..._7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json | 333 ++++++++++ ..._172396a9-27f0-4c01-9510-94ba4a0d4738.json | 333 ++++++++++ ..._784a29e7-5799-4fde-90ee-b6ebcb2a8747.json | 333 ++++++++++ ..._0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json | 333 ++++++++++ ..._868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json | 333 ++++++++++ ..._c1095936-da8d-4c63-ac70-cf97d5b1f630.json | 333 ++++++++++ ..._67872571-d13d-4123-81c5-60404c4eea45.json | 333 ++++++++++ ..._52ec94f5-0d89-434b-9d51-df92d69ba284.json | 333 ++++++++++ ..._860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json | 333 ++++++++++ ..._fdde6805-edf8-4277-adb8-ad2f44e3f977.json | 333 ++++++++++ ..._5543b815-f2c8-420e-847e-7507a9724557.json | 333 ++++++++++ ..._c51c3514-1730-42f3-b8ae-f2980bd22d83.json | 333 ++++++++++ ..._487c6beb-1468-4167-8eb6-e9b3ad8743b1.json | 333 ++++++++++ ..._950586ee-6926-4483-96d4-82838afe1ca6.json | 333 ++++++++++ ..._19785707-24c9-4852-b92a-31732b86ee04.json | 333 ++++++++++ ..._a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json | 333 ++++++++++ ..._b7581df7-f127-405e-9408-9d484122be74.json | 333 ++++++++++ ..._c7567682-8723-4426-8c27-848a9cc634d0.json | 333 ++++++++++ ..._58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json | 333 ++++++++++ ..._dfd37715-0d5c-4ec5-98ae-836cd626a27f.json | 333 ++++++++++ ..._641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json | 333 ++++++++++ ..._3743016a-a056-43fe-b53a-36dd9a17626d.json | 333 ++++++++++ ..._7e9d0710-3243-4cf2-8b73-6be1539b8545.json | 333 ++++++++++ ..._05591510-5fe2-454a-96d8-bbda8201c6a4.json | 333 ++++++++++ ..._c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json | 333 ++++++++++ ..._2cda2f3a-8657-431a-a50f-56835aea9a81.json | 333 ++++++++++ ..._7157dc17-9d5a-4835-a122-1d0d904d61ff.json | 333 ++++++++++ ..._d528ffcb-3a99-4356-96d1-981499139ffb.json | 333 ++++++++++ ..._460b6b29-a602-4409-b748-6b47b232a984.json | 350 +++++++++++ ..._805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json | 333 ++++++++++ ..._3ddd3f95-989c-4777-b6b8-728439aae1df.json | 333 ++++++++++ ..._ce44fc81-3610-4165-a107-9dd4b8ab3972.json | 333 ++++++++++ ..._5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json | 333 ++++++++++ ..._50124594-a291-4183-a8e3-195f5e6f5204.json | 333 ++++++++++ ..._d26f4c8b-0461-4c57-b230-cbd1a5424db1.json | 333 ++++++++++ ..._70f88865-7a8b-4e03-9252-a9369df503ef.json | 333 ++++++++++ ..._16a64053-1905-4d8e-8198-810584cad108.json | 333 ++++++++++ ..._47cd814e-1991-437e-8feb-e589a250d2a3.json | 333 ++++++++++ ..._f5c13b49-8528-457d-9d7d-083b8433bf96.json | 333 ++++++++++ ..._92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json | 333 ++++++++++ ..._07eeae07-010e-47ca-ad90-fa7adb5a6c52.json | 333 ++++++++++ ..._6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json | 333 ++++++++++ ..._1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json | 333 ++++++++++ ..._f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json | 333 ++++++++++ ..._73ec4301-872a-4bea-928e-420255aae8cb.json | 333 ++++++++++ ..._fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json | 333 ++++++++++ ..._86922a27-41bb-4834-bc54-0b602b275597.json | 333 ++++++++++ ..._88f3cbc0-bcfb-482f-b6f4-709a335afcad.json | 333 ++++++++++ ..._0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json | 333 ++++++++++ ..._af66de51-079c-4d34-af92-f52f887642dc.json | 333 ++++++++++ ..._1b37038e-6e5c-4463-97d4-8a632251d70e.json | 333 ++++++++++ ..._db517009-30ad-4cbc-b282-7f212052c3b4.json | 333 ++++++++++ ..._45fef979-c27e-425a-a6c3-e5bd28b1eb86.json | 333 ++++++++++ ..._b1a4849b-78a8-437f-8113-7c6f2dc34927.json | 333 ++++++++++ ..._8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json | 333 ++++++++++ ..._c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json | 333 ++++++++++ ..._eb186756-b63b-408a-bbaf-ac94c1010287.json | 333 ++++++++++ ..._26e09eae-c784-4e8f-a225-d3f13efff76f.json | 333 ++++++++++ ..._8660f357-83f9-4719-bdf3-bae57af2d967.json | 333 ++++++++++ ..._a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json | 333 ++++++++++ ..._8cbe449d-9264-4ae1-8221-5d97989005a8.json | 333 ++++++++++ ..._5d872cb4-7f71-4275-81eb-98c968c0cadd.json | 333 ++++++++++ ..._7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json | 333 ++++++++++ ..._f75dec98-78a3-4e42-954d-375fe3352857.json | 333 ++++++++++ ..._34769aaa-5014-4ced-bb08-9fabfba3d959.json | 333 ++++++++++ ..._0acc30dc-881d-46c9-b634-8cba507a263f.json | 333 ++++++++++ ..._0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json | 333 ++++++++++ ..._5e544473-d84f-427d-869d-9d982619e4cb.json | 333 ++++++++++ ..._c81d3e6c-5539-42ad-a95f-9bba504d91f0.json | 333 ++++++++++ ..._b663a689-6db8-467d-8b5d-8cd34afe4b0e.json | 333 ++++++++++ ..._ff3df303-c3b0-449c-840d-68084707773e.json | 333 ++++++++++ ..._31dead21-5454-41f0-9aab-faeabef89d67.json | 333 ++++++++++ ..._7f951991-c6ce-4c72-9f55-7eade2c4f57c.json | 333 ++++++++++ ..._ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json | 333 ++++++++++ ..._eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json | 333 ++++++++++ ..._0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json | 333 ++++++++++ ..._f0fa5804-9d5f-4e23-91c0-996c561585ef.json | 333 ++++++++++ ..._7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json | 333 ++++++++++ ..._381221db-fd9a-4d65-a16f-63e7492b0a49.json | 333 ++++++++++ ..._ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json | 333 ++++++++++ ..._b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json | 333 ++++++++++ ..._1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json | 333 ++++++++++ ..._c0dbcbee-eefd-4ee4-bd25-48d42444c882.json | 333 ++++++++++ ..._289283c0-87ae-475f-b756-306783c7ec4d.json | 333 ++++++++++ ..._ea14eb56-238e-42b2-95ae-4d624d720d10.json | 333 ++++++++++ ..._4f2ead64-7412-4695-9855-47f36ade6f7e.json | 333 ++++++++++ ..._8e2a7c77-890c-49d5-aadd-052764135995.json | 333 ++++++++++ ..._6cf01e09-24d5-4097-bac1-1d39b0f577c8.json | 333 ++++++++++ ..._d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json | 333 ++++++++++ ..._64f41eaa-048f-4892-b80f-593e74ef4f84.json | 333 ++++++++++ ..._21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json | 333 ++++++++++ ..._16072e08-8ffb-48c9-afa9-fe2192b4513b.json | 333 ++++++++++ ..._583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json | 333 ++++++++++ ..._4c4d35e8-fdd7-4951-8a71-7b9add69d337.json | 333 ++++++++++ ..._f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json | 333 ++++++++++ ..._c7ad761f-19bf-4289-ab47-2721c6d387eb.json | 333 ++++++++++ ..._7bdc68c3-7679-482d-82e4-92a8229db9d7.json | 333 ++++++++++ ..._520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json | 350 +++++++++++ ..._8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json | 333 ++++++++++ ..._14dbacac-2559-4537-9be9-7d08bdd0888d.json | 333 ++++++++++ ..._e85efb6a-239a-41e0-8cdd-b1792c41ec41.json | 333 ++++++++++ ..._b87ecc60-7558-4cb4-8ef9-3185c4c19579.json | 333 ++++++++++ ..._96257455-b2cf-4f35-9c64-00eea637471a.json | 333 ++++++++++ ..._f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json | 333 ++++++++++ ..._2a129b1b-36a7-4048-9403-004dc5e6b0b2.json | 333 ++++++++++ ..._a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json | 333 ++++++++++ ..._e6f23a76-11f3-471e-b7d7-ebc787487069.json | 333 ++++++++++ ..._b16f8234-e6c6-4723-933e-e5f8c179f23d.json | 333 ++++++++++ ..._a9177e32-e3fa-425a-a02e-727ff3515ae0.json | 333 ++++++++++ ..._49f62a85-7edf-4afc-9201-7a8939d6a42a.json | 350 +++++++++++ ..._48fcc15e-f043-4bb5-a628-6aefc60432c1.json | 333 ++++++++++ ..._b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json | 333 ++++++++++ ..._b0c0fca3-1832-4a18-8832-5eebd2c1370a.json | 333 ++++++++++ ..._1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json | 333 ++++++++++ ..._12241b03-3f62-4100-9cf3-7798a7796600.json | 333 ++++++++++ ..._dc560ab2-18ad-49ae-9937-9b9a770faaab.json | 350 +++++++++++ ..._ff5238a3-e40f-47c7-a142-f7a19b7764f9.json | 333 ++++++++++ ..._b4e2bc80-9307-44d8-89f1-04c7133f37fc.json | 333 ++++++++++ ..._02ef5600-fed6-474a-8fbb-5ed088b04d0d.json | 333 ++++++++++ ..._265b54e0-33a0-44b3-9f7b-ce53328439e3.json | 333 ++++++++++ ..._67ca6d43-ab88-4fb8-9c18-2862765681e6.json | 333 ++++++++++ ..._a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json | 333 ++++++++++ ..._0853a13e-b316-4ea0-98a2-9d722a508d1e.json | 333 ++++++++++ ..._0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json | 333 ++++++++++ ..._e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json | 333 ++++++++++ ..._fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json | 333 ++++++++++ ..._93768520-ab75-4e4e-b39b-a210a32379c0.json | 333 ++++++++++ ..._3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json | 333 ++++++++++ ..._2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json | 333 ++++++++++ ..._fa87c863-2d21-4b9d-897f-452fd35b06c3.json | 333 ++++++++++ ..._9e412261-433b-45fd-8944-2f891bf14a56.json | 333 ++++++++++ ..._89ec4b6f-d1b2-4402-8a1d-48440624fc31.json | 333 ++++++++++ ..._8a492278-c49f-4e4c-8fd5-a1680590864a.json | 333 ++++++++++ 538 files changed, 181466 insertions(+) create mode 100644 services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json create mode 100644 services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json create mode 100644 services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json create mode 100644 services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json create mode 100644 services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json create mode 100644 services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json create mode 100644 services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json create mode 100644 services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json create mode 100644 services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json create mode 100644 services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json create mode 100644 services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json create mode 100644 services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json create mode 100644 services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json create mode 100644 services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json create mode 100644 services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json create mode 100644 services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json create mode 100644 services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json create mode 100644 services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json create mode 100644 services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json create mode 100644 services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json create mode 100644 services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json create mode 100644 services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json create mode 100644 services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json create mode 100644 services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json create mode 100644 services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json create mode 100644 services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json create mode 100644 services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json create mode 100644 services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json create mode 100644 services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json create mode 100644 services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json create mode 100644 services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json create mode 100644 services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json create mode 100644 services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json create mode 100644 services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json create mode 100644 services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json create mode 100644 services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json create mode 100644 services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json create mode 100644 services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json create mode 100644 services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json create mode 100644 services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json create mode 100644 services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json create mode 100644 services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json create mode 100644 services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json create mode 100644 services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json create mode 100644 services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json create mode 100644 services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json create mode 100644 services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json create mode 100644 services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json create mode 100644 services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json create mode 100644 services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json create mode 100644 services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json create mode 100644 services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json create mode 100644 services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json create mode 100644 services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json create mode 100644 services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json create mode 100644 services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json create mode 100644 services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json create mode 100644 services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json create mode 100644 services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json create mode 100644 services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json create mode 100644 services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json create mode 100644 services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json create mode 100644 services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json create mode 100644 services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json create mode 100644 services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json create mode 100644 services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json create mode 100644 services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json create mode 100644 services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json create mode 100644 services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json create mode 100644 services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json create mode 100644 services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json create mode 100644 services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json create mode 100644 services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json create mode 100644 services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json create mode 100644 services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json create mode 100644 services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json create mode 100644 services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json create mode 100644 services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json create mode 100644 services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json create mode 100644 services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json create mode 100644 services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json create mode 100644 services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json create mode 100644 services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json create mode 100644 services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json create mode 100644 services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json create mode 100644 services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json create mode 100644 services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json create mode 100644 services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json create mode 100644 services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json create mode 100644 services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json create mode 100644 services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json create mode 100644 services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json create mode 100644 services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json create mode 100644 services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json create mode 100644 services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json create mode 100644 services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json create mode 100644 services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json create mode 100644 services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json create mode 100644 services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json create mode 100644 services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json create mode 100644 services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json create mode 100644 services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json create mode 100644 services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json create mode 100644 services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json create mode 100644 services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json create mode 100644 services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json create mode 100644 services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json create mode 100644 services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json create mode 100644 services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json create mode 100644 services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json create mode 100644 services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json create mode 100644 services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json create mode 100644 services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json create mode 100644 services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json create mode 100644 services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json create mode 100644 services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json create mode 100644 services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json create mode 100644 services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json create mode 100644 services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json create mode 100644 services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json create mode 100644 services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json create mode 100644 services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json create mode 100644 services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json create mode 100644 services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json create mode 100644 services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json create mode 100644 services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json create mode 100644 services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json create mode 100644 services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json create mode 100644 services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json create mode 100644 services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json create mode 100644 services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json create mode 100644 services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json create mode 100644 services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json create mode 100644 services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json create mode 100644 services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json create mode 100644 services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json create mode 100644 services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json create mode 100644 services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json create mode 100644 services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json create mode 100644 services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json create mode 100644 services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json create mode 100644 services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json create mode 100644 services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json create mode 100644 services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json create mode 100644 services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json create mode 100644 services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json create mode 100644 services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json create mode 100644 services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json create mode 100644 services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json create mode 100644 services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json create mode 100644 services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json create mode 100644 services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json create mode 100644 services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json create mode 100644 services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json create mode 100644 services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json create mode 100644 services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json create mode 100644 services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json create mode 100644 services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json create mode 100644 services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json create mode 100644 services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json create mode 100644 services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json create mode 100644 services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json create mode 100644 services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json create mode 100644 services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json create mode 100644 services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json create mode 100644 services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json create mode 100644 services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json create mode 100644 services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json create mode 100644 services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json create mode 100644 services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json create mode 100644 services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json create mode 100644 services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json create mode 100644 services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json create mode 100644 services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json create mode 100644 services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json create mode 100644 services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json create mode 100644 services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json create mode 100644 services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json create mode 100644 services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json create mode 100644 services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json create mode 100644 services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json create mode 100644 services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json create mode 100644 services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json create mode 100644 services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json create mode 100644 services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json create mode 100644 services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json create mode 100644 services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json create mode 100644 services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json create mode 100644 services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json create mode 100644 services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json create mode 100644 services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json create mode 100644 services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json create mode 100644 services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json create mode 100644 services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json create mode 100644 services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json create mode 100644 services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json create mode 100644 services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json create mode 100644 services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json create mode 100644 services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json create mode 100644 services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json create mode 100644 services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json create mode 100644 services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json create mode 100644 services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json create mode 100644 services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json create mode 100644 services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json create mode 100644 services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json create mode 100644 services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json create mode 100644 services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json create mode 100644 services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json create mode 100644 services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json create mode 100644 services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json create mode 100644 services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json create mode 100644 services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json create mode 100644 services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json create mode 100644 services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json create mode 100644 services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json create mode 100644 services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json create mode 100644 services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json create mode 100644 services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json create mode 100644 services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json create mode 100644 services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json create mode 100644 services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json create mode 100644 services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json create mode 100644 services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json create mode 100644 services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json create mode 100644 services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json create mode 100644 services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json create mode 100644 services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json create mode 100644 services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json create mode 100644 services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json create mode 100644 services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json create mode 100644 services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json create mode 100644 services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json create mode 100644 services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json create mode 100644 services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json create mode 100644 services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json create mode 100644 services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json create mode 100644 services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json create mode 100644 services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json create mode 100644 services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json create mode 100644 services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json create mode 100644 services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json create mode 100644 services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json create mode 100644 services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json create mode 100644 services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json create mode 100644 services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json create mode 100644 services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json create mode 100644 services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json create mode 100644 services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json create mode 100644 services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json create mode 100644 services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json create mode 100644 services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json create mode 100644 services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json create mode 100644 services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json create mode 100644 services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json create mode 100644 services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json create mode 100644 services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json create mode 100644 services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json create mode 100644 services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json create mode 100644 services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json create mode 100644 services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json create mode 100644 services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json create mode 100644 services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json create mode 100644 services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json create mode 100644 services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json create mode 100644 services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json create mode 100644 services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json create mode 100644 services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json create mode 100644 services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json create mode 100644 services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json create mode 100644 services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json create mode 100644 services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json create mode 100644 services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json create mode 100644 services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json create mode 100644 services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json create mode 100644 services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json create mode 100644 services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json create mode 100644 services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json create mode 100644 services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json create mode 100644 services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json create mode 100644 services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json create mode 100644 services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json create mode 100644 services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json create mode 100644 services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json create mode 100644 services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json create mode 100644 services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json create mode 100644 services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json create mode 100644 services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json create mode 100644 services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json create mode 100644 services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json create mode 100644 services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json create mode 100644 services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json create mode 100644 services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json create mode 100644 services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json create mode 100644 services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json create mode 100644 services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json create mode 100644 services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json create mode 100644 services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json create mode 100644 services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json create mode 100644 services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json create mode 100644 services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json create mode 100644 services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json create mode 100644 services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json create mode 100644 services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json create mode 100644 services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json create mode 100644 services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json create mode 100644 services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json create mode 100644 services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json create mode 100644 services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json create mode 100644 services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json create mode 100644 services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json create mode 100644 services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json create mode 100644 services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json create mode 100644 services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json create mode 100644 services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json create mode 100644 services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json create mode 100644 services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json create mode 100644 services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json create mode 100644 services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json create mode 100644 services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json create mode 100644 services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json create mode 100644 services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json create mode 100644 services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json create mode 100644 services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json create mode 100644 services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json create mode 100644 services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json create mode 100644 services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json create mode 100644 services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json create mode 100644 services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json create mode 100644 services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json create mode 100644 services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json create mode 100644 services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json create mode 100644 services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json create mode 100644 services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json create mode 100644 services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json create mode 100644 services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json create mode 100644 services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json create mode 100644 services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json create mode 100644 services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json create mode 100644 services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json create mode 100644 services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json create mode 100644 services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json create mode 100644 services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json create mode 100644 services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json create mode 100644 services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json create mode 100644 services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json create mode 100644 services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json create mode 100644 services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json create mode 100644 services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json create mode 100644 services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json create mode 100644 services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json create mode 100644 services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json create mode 100644 services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json create mode 100644 services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json create mode 100644 services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json create mode 100644 services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json create mode 100644 services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json create mode 100644 services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json create mode 100644 services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json create mode 100644 services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json create mode 100644 services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json create mode 100644 services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json create mode 100644 services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json create mode 100644 services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json create mode 100644 services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json create mode 100644 services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json create mode 100644 services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json create mode 100644 services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json create mode 100644 services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json create mode 100644 services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json create mode 100644 services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json create mode 100644 services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json create mode 100644 services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json create mode 100644 services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json create mode 100644 services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json create mode 100644 services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json create mode 100644 services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json create mode 100644 services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json create mode 100644 services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json create mode 100644 services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json create mode 100644 services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json create mode 100644 services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json create mode 100644 services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json create mode 100644 services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json create mode 100644 services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json create mode 100644 services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json create mode 100644 services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json create mode 100644 services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json create mode 100644 services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json create mode 100644 services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json create mode 100644 services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json create mode 100644 services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json create mode 100644 services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json create mode 100644 services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json create mode 100644 services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json create mode 100644 services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json create mode 100644 services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json create mode 100644 services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json create mode 100644 services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json create mode 100644 services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json create mode 100644 services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json create mode 100644 services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json create mode 100644 services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json create mode 100644 services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json create mode 100644 services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json create mode 100644 services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json create mode 100644 services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json create mode 100644 services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json diff --git a/services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json b/services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json new file mode 100644 index 000000000..0eceb2783 --- /dev/null +++ b/services/AVS/privateClouds/templates/policy/DiskUsedPercentage_23ac19cb-5eff-4cfa-9817-93466e1a94f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "23ac19cb-5eff-4cfa-9817-93466e1a94f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AVS privateClouds DiskUsedPercentage Alert", + "description": "Policy to Audit/Deploy AVS privateClouds DiskUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AVS", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DiskUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AVS/privateClouds/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DiskUsedPercentage-threshold-Override_'), field('tags._amba-DiskUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DiskUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AVS privateClouds DiskUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DiskUsedPercentage", + "metricNamespace": "Microsoft.AVS/privateClouds", + "metricName": "DiskUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DiskUsedPercentage-threshold-Override_'), field('tags._amba-DiskUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json b/services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json new file mode 100644 index 000000000..e9060e0ba --- /dev/null +++ b/services/AVS/privateClouds/templates/policy/UsageAverage_b9f2fe91-023a-443c-b376-b12f0cd5d965.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b9f2fe91-023a-443c-b376-b12f0cd5d965", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AVS privateClouds UsageAverage Alert", + "description": "Policy to Audit/Deploy AVS privateClouds UsageAverage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AVS", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AVS/privateClouds" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsageAverage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AVS/privateClouds/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsageAverage-threshold-Override_'), field('tags._amba-UsageAverage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsageAverage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AVS privateClouds UsageAverage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsageAverage", + "metricNamespace": "Microsoft.AVS/privateClouds", + "metricName": "UsageAverage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsageAverage-threshold-Override_'), field('tags._amba-UsageAverage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json b/services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json new file mode 100644 index 000000000..179b983be --- /dev/null +++ b/services/AnalysisServices/servers/templates/policy/memory_metric_0289bc11-db65-4a58-91ed-fda8637322ec.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0289bc11-db65-4a58-91ed-fda8637322ec", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AnalysisServices servers memory_metric Alert", + "description": "Policy to Audit/Deploy AnalysisServices servers memory_metric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AnalysisServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "8000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_metric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AnalysisServices/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_metric-threshold-Override_'), field('tags._amba-memory_metric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_metric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AnalysisServices servers memory_metric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_metric", + "metricNamespace": "Microsoft.AnalysisServices/servers", + "metricName": "memory_metric", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_metric-threshold-Override_'), field('tags._amba-memory_metric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json b/services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json new file mode 100644 index 000000000..c611fd385 --- /dev/null +++ b/services/AnalysisServices/servers/templates/policy/qpu_metric_ea6a4d59-822f-4fb7-a29d-69e523e95bdb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea6a4d59-822f-4fb7-a29d-69e523e95bdb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AnalysisServices servers qpu_metric Alert", + "description": "Policy to Audit/Deploy AnalysisServices servers qpu_metric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AnalysisServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AnalysisServices/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "qpu_metric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AnalysisServices/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-qpu_metric-threshold-Override_'), field('tags._amba-qpu_metric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-qpu_metric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AnalysisServices servers qpu_metric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "qpu_metric", + "metricNamespace": "Microsoft.AnalysisServices/servers", + "metricName": "qpu_metric", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-qpu_metric-threshold-Override_'), field('tags._amba-qpu_metric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json b/services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json new file mode 100644 index 000000000..fc1e8e8bb --- /dev/null +++ b/services/ApiManagement/service/templates/policy/BackendDuration_fd5d63e0-ab2f-4300-af65-05bf2e490d0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fd5d63e0-ab2f-4300-af65-05bf2e490d0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service BackendDuration Alert", + "description": "Policy to Audit/Deploy ApiManagement service BackendDuration Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendDuration" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendDuration-threshold-Override_'), field('tags._amba-BackendDuration-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendDuration')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service BackendDuration", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendDuration", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "BackendDuration", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendDuration-threshold-Override_'), field('tags._amba-BackendDuration-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json b/services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json new file mode 100644 index 000000000..def262160 --- /dev/null +++ b/services/ApiManagement/service/templates/policy/Capacity_6b1dd1ae-05de-43d2-bdea-7981c49127fc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6b1dd1ae-05de-43d2-bdea-7981c49127fc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service Capacity Alert", + "description": "Policy to Audit/Deploy ApiManagement service Capacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Capacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Capacity-threshold-Override_'), field('tags._amba-Capacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Capacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service Capacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Capacity", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "Capacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Capacity-threshold-Override_'), field('tags._amba-Capacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json b/services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json new file mode 100644 index 000000000..bd57105cd --- /dev/null +++ b/services/ApiManagement/service/templates/policy/Duration_52cd4aba-4ad0-402a-880d-ba625ebcf37f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "52cd4aba-4ad0-402a-880d-ba625ebcf37f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service Duration Alert", + "description": "Policy to Audit/Deploy ApiManagement service Duration Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Duration" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Duration-threshold-Override_'), field('tags._amba-Duration-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Duration')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service Duration", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Duration", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "Duration", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Duration-threshold-Override_'), field('tags._amba-Duration-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json b/services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json new file mode 100644 index 000000000..d11991450 --- /dev/null +++ b/services/ApiManagement/service/templates/policy/FailedRequests_1f8626fe-812a-48a7-b237-2f9181a5ea12.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1f8626fe-812a-48a7-b237-2f9181a5ea12", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service FailedRequests Alert", + "description": "Policy to Audit/Deploy ApiManagement service FailedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FailedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FailedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service FailedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FailedRequests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "FailedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json b/services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json new file mode 100644 index 000000000..72a06f00a --- /dev/null +++ b/services/ApiManagement/service/templates/policy/Requests_2e16fd84-d92f-44ee-8191-ff47e90a9526.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2e16fd84-d92f-44ee-8191-ff47e90a9526", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service Requests Alert", + "description": "Policy to Audit/Deploy ApiManagement service Requests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Requests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Requests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service Requests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Requests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "Requests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json b/services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json new file mode 100644 index 000000000..b6fcf6dc5 --- /dev/null +++ b/services/ApiManagement/service/templates/policy/TotalRequests_a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9480e7f-1cd0-4c46-b5c4-e7f35fe963a5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service TotalRequests Alert", + "description": "Policy to Audit/Deploy ApiManagement service TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json b/services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json new file mode 100644 index 000000000..62508ff3a --- /dev/null +++ b/services/ApiManagement/service/templates/policy/UnauthorizedRequests_c0c3e784-f488-43a6-a423-18dbb444d443.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c0c3e784-f488-43a6-a423-18dbb444d443", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ApiManagement service UnauthorizedRequests Alert", + "description": "Policy to Audit/Deploy ApiManagement service UnauthorizedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ApiManagement", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ApiManagement/service" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UnauthorizedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ApiManagement/service/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UnauthorizedRequests-threshold-Override_'), field('tags._amba-UnauthorizedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UnauthorizedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ApiManagement service UnauthorizedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UnauthorizedRequests", + "metricNamespace": "Microsoft.ApiManagement/service", + "metricName": "UnauthorizedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UnauthorizedRequests-threshold-Override_'), field('tags._amba-UnauthorizedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json b/services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json new file mode 100644 index 000000000..6016ca481 --- /dev/null +++ b/services/App/containerApps/templates/policy/Replicas_94ae53cd-6e3b-47f5-9709-9c2e10eae6d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "94ae53cd-6e3b-47f5-9709-9c2e10eae6d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps Replicas Alert", + "description": "Policy to Audit/Deploy App containerApps Replicas Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Replicas" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Replicas-threshold-Override_'), field('tags._amba-Replicas-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Replicas')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps Replicas", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Replicas", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "Replicas", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Replicas-threshold-Override_'), field('tags._amba-Replicas-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json b/services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json new file mode 100644 index 000000000..7ad684b10 --- /dev/null +++ b/services/App/containerApps/templates/policy/RestartCount_b12cad96-7ef2-4223-97f4-53b3dc64ecfa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b12cad96-7ef2-4223-97f4-53b3dc64ecfa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps RestartCount Alert", + "description": "Policy to Audit/Deploy App containerApps RestartCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RestartCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RestartCount-threshold-Override_'), field('tags._amba-RestartCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RestartCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps RestartCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RestartCount", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "RestartCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RestartCount-threshold-Override_'), field('tags._amba-RestartCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json b/services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json new file mode 100644 index 000000000..e63b094f3 --- /dev/null +++ b/services/App/containerApps/templates/policy/UsageNanoCores_a9e1306a-a541-423f-a69e-bd37f8f5013a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9e1306a-a541-423f-a69e-bd37f8f5013a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps UsageNanoCores Alert", + "description": "Policy to Audit/Deploy App containerApps UsageNanoCores Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "900000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsageNanoCores" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsageNanoCores-threshold-Override_'), field('tags._amba-UsageNanoCores-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsageNanoCores')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps UsageNanoCores", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsageNanoCores", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "UsageNanoCores", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsageNanoCores-threshold-Override_'), field('tags._amba-UsageNanoCores-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json b/services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json new file mode 100644 index 000000000..8c5768ca4 --- /dev/null +++ b/services/App/containerApps/templates/policy/WorkingSetBytes_423b4280-1f68-49d8-b11a-6a816b0d9172.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "423b4280-1f68-49d8-b11a-6a816b0d9172", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy App containerApps WorkingSetBytes Alert", + "description": "Policy to Audit/Deploy App containerApps WorkingSetBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "App", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.App/containerApps" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "WorkingSetBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.App/containerApps/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-WorkingSetBytes-threshold-Override_'), field('tags._amba-WorkingSetBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-WorkingSetBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for App containerApps WorkingSetBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "WorkingSetBytes", + "metricNamespace": "Microsoft.App/containerApps", + "metricName": "WorkingSetBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-WorkingSetBytes-threshold-Override_'), field('tags._amba-WorkingSetBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json b/services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json new file mode 100644 index 000000000..df4055b81 --- /dev/null +++ b/services/AppConfiguration/configurationStores/templates/policy/ThrottledHttpRequestCount_0be9dd7c-ae7f-41f7-b3a6-844e64059b73.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0be9dd7c-ae7f-41f7-b3a6-844e64059b73", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AppConfiguration configurationStores ThrottledHttpRequestCount Alert", + "description": "Policy to Audit/Deploy AppConfiguration configurationStores ThrottledHttpRequestCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "AppConfiguration", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.AppConfiguration/configurationStores" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.AppConfiguration/configurationStores" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledHttpRequestCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.AppConfiguration/configurationStores/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledHttpRequestCount-threshold-Override_'), field('tags._amba-ThrottledHttpRequestCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledHttpRequestCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for AppConfiguration configurationStores ThrottledHttpRequestCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledHttpRequestCount", + "metricNamespace": "Microsoft.AppConfiguration/configurationStores", + "metricName": "ThrottledHttpRequestCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledHttpRequestCount-threshold-Override_'), field('tags._amba-ThrottledHttpRequestCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json b/services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json new file mode 100644 index 000000000..240fb9675 --- /dev/null +++ b/services/Automation/automationAccounts/templates/policy/TotalJob_74e0e3b4-62aa-4503-b05d-c5c79a029ed6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "74e0e3b4-62aa-4503-b05d-c5c79a029ed6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Automation Account TotalJob Alert", + "description": "Policy to Audit/Deploy Automation Account TotalJob Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Automation", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalJob" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalJob-threshold-Override_'), field('tags._amba-TotalJob-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalJob')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Automation automationAccounts TotalJob", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalJob", + "metricNamespace": "Microsoft.Automation/automationAccounts", + "metricName": "TotalJob", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalJob-threshold-Override_'), field('tags._amba-TotalJob-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json new file mode 100644 index 000000000..45446cb6b --- /dev/null +++ b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentMachineRuns_49e7f58f-4910-4d2f-8589-573e8a65c6dd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49e7f58f-4910-4d2f-8589-573e8a65c6dd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Automation automationAccounts TotalUpdateDeploymentMachineRuns Alert", + "description": "Policy to Audit/Deploy Automation automationAccounts TotalUpdateDeploymentMachineRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Automation", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalUpdateDeploymentMachineRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalUpdateDeploymentMachineRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Automation automationAccounts TotalUpdateDeploymentMachineRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalUpdateDeploymentMachineRuns", + "metricNamespace": "Microsoft.Automation/automationAccounts", + "metricName": "TotalUpdateDeploymentMachineRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentMachineRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json new file mode 100644 index 000000000..b2484391b --- /dev/null +++ b/services/Automation/automationAccounts/templates/policy/TotalUpdateDeploymentRuns_c521bf0d-efec-4d3a-8541-d8749915bfd4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c521bf0d-efec-4d3a-8541-d8749915bfd4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Automation automationAccounts TotalUpdateDeploymentRuns Alert", + "description": "Policy to Audit/Deploy Automation automationAccounts TotalUpdateDeploymentRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Automation", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Automation/automationAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalUpdateDeploymentRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalUpdateDeploymentRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Automation automationAccounts TotalUpdateDeploymentRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalUpdateDeploymentRuns", + "metricNamespace": "Microsoft.Automation/automationAccounts", + "metricName": "TotalUpdateDeploymentRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalUpdateDeploymentRuns-threshold-Override_'), field('tags._amba-TotalUpdateDeploymentRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json b/services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json new file mode 100644 index 000000000..ff06cc183 --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/OfflineNodeCount_b40fdb04-cada-4870-80f3-317afc57e5fb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b40fdb04-cada-4870-80f3-317afc57e5fb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts OfflineNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts OfflineNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OfflineNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OfflineNodeCount-threshold-Override_'), field('tags._amba-OfflineNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OfflineNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts OfflineNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OfflineNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "OfflineNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OfflineNodeCount-threshold-Override_'), field('tags._amba-OfflineNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json b/services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json new file mode 100644 index 000000000..58c0d594d --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/PreemptedNodeCount_8ce7d791-41a5-4d6a-9516-b009eabbd8f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8ce7d791-41a5-4d6a-9516-b009eabbd8f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts PreemptedNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts PreemptedNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PreemptedNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PreemptedNodeCount-threshold-Override_'), field('tags._amba-PreemptedNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PreemptedNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts PreemptedNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PreemptedNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "PreemptedNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PreemptedNodeCount-threshold-Override_'), field('tags._amba-PreemptedNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json b/services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json new file mode 100644 index 000000000..1cc45e9fa --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/RebootingNodeCount_f49539ff-35b1-4d83-8541-e3cf49b383e5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f49539ff-35b1-4d83-8541-e3cf49b383e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts RebootingNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts RebootingNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RebootingNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RebootingNodeCount-threshold-Override_'), field('tags._amba-RebootingNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RebootingNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts RebootingNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RebootingNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "RebootingNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RebootingNodeCount-threshold-Override_'), field('tags._amba-RebootingNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json b/services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json new file mode 100644 index 000000000..d228f081b --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/TaskFailEvent_70b8ce6d-0d28-4997-84df-957791877eec.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "70b8ce6d-0d28-4997-84df-957791877eec", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts TaskFailEvent Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts TaskFailEvent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TaskFailEvent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TaskFailEvent-threshold-Override_'), field('tags._amba-TaskFailEvent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TaskFailEvent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts TaskFailEvent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TaskFailEvent", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "TaskFailEvent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TaskFailEvent-threshold-Override_'), field('tags._amba-TaskFailEvent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json b/services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json new file mode 100644 index 000000000..c5389f205 --- /dev/null +++ b/services/Batch/batchAccounts/templates/policy/UnusableNodeCount_6c9857e4-7d6b-4384-80da-b88a2e6858ac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6c9857e4-7d6b-4384-80da-b88a2e6858ac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Batch batchAccounts UnusableNodeCount Alert", + "description": "Policy to Audit/Deploy Batch batchAccounts UnusableNodeCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Batch", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2.5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Batch/batchAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UnusableNodeCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Batch/batchAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UnusableNodeCount-threshold-Override_'), field('tags._amba-UnusableNodeCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UnusableNodeCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Batch batchAccounts UnusableNodeCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UnusableNodeCount", + "metricNamespace": "Microsoft.Batch/batchAccounts", + "metricName": "UnusableNodeCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UnusableNodeCount-threshold-Override_'), field('tags._amba-UnusableNodeCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json b/services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json new file mode 100644 index 000000000..2b3f21643 --- /dev/null +++ b/services/Cache/Redis/templates/policy/allconnectedclients_af750dfc-62e5-4b74-9514-ca419d800590.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af750dfc-62e5-4b74-9514-ca419d800590", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allconnectedclients Alert", + "description": "Policy to Audit/Deploy Cache Redis allconnectedclients Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "128" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allconnectedclients" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allconnectedclients-threshold-Override_'), field('tags._amba-allconnectedclients-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allconnectedclients')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allconnectedclients", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allconnectedclients", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allconnectedclients", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allconnectedclients-threshold-Override_'), field('tags._amba-allconnectedclients-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json b/services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json new file mode 100644 index 000000000..a34c8f780 --- /dev/null +++ b/services/Cache/Redis/templates/policy/allpercentprocessortime_24c5276b-77b1-48ab-a8c1-15844b11e0aa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "24c5276b-77b1-48ab-a8c1-15844b11e0aa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allpercentprocessortime Alert", + "description": "Policy to Audit/Deploy Cache Redis allpercentprocessortime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allpercentprocessortime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allpercentprocessortime-threshold-Override_'), field('tags._amba-allpercentprocessortime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allpercentprocessortime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allpercentprocessortime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allpercentprocessortime", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allpercentprocessortime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allpercentprocessortime-threshold-Override_'), field('tags._amba-allpercentprocessortime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json b/services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json new file mode 100644 index 000000000..bd147f44a --- /dev/null +++ b/services/Cache/Redis/templates/policy/allserverLoad_7072ba94-41d2-4584-89ab-a5824ed045f4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7072ba94-41d2-4584-89ab-a5824ed045f4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allserverLoad Alert", + "description": "Policy to Audit/Deploy Cache Redis allserverLoad Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allserverLoad" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allserverLoad-threshold-Override_'), field('tags._amba-allserverLoad-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allserverLoad')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allserverLoad", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allserverLoad", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allserverLoad", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allserverLoad-threshold-Override_'), field('tags._amba-allserverLoad-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json b/services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json new file mode 100644 index 000000000..1e611ace2 --- /dev/null +++ b/services/Cache/Redis/templates/policy/allusedmemorypercentage_b9ffe52a-f430-4605-a2b1-d815eb1bcc56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b9ffe52a-f430-4605-a2b1-d815eb1bcc56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis allusedmemorypercentage Alert", + "description": "Policy to Audit/Deploy Cache Redis allusedmemorypercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allusedmemorypercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allusedmemorypercentage-threshold-Override_'), field('tags._amba-allusedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allusedmemorypercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis allusedmemorypercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allusedmemorypercentage", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "allusedmemorypercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allusedmemorypercentage-threshold-Override_'), field('tags._amba-allusedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json b/services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json new file mode 100644 index 000000000..d2df94a8c --- /dev/null +++ b/services/Cache/Redis/templates/policy/cacheLatency_82cb3ad7-d44f-4131-9078-5aac82d3333a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "82cb3ad7-d44f-4131-9078-5aac82d3333a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis cacheLatency Alert", + "description": "Policy to Audit/Deploy Cache Redis cacheLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cacheLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cacheLatency-threshold-Override_'), field('tags._amba-cacheLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cacheLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis cacheLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cacheLatency", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "cacheLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cacheLatency-threshold-Override_'), field('tags._amba-cacheLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json b/services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json new file mode 100644 index 000000000..574b056a7 --- /dev/null +++ b/services/Cache/Redis/templates/policy/cacheRead_cc764431-e1b0-4455-94b1-b66d32cc54b4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cc764431-e1b0-4455-94b1-b66d32cc54b4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis cacheRead Alert", + "description": "Policy to Audit/Deploy Cache Redis cacheRead Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "46875000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cacheRead" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cacheRead-threshold-Override_'), field('tags._amba-cacheRead-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cacheRead')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis cacheRead", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cacheRead", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "cacheRead", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cacheRead-threshold-Override_'), field('tags._amba-cacheRead-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json b/services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json new file mode 100644 index 000000000..eebbba55f --- /dev/null +++ b/services/Cache/Redis/templates/policy/connectedclients_f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0c2ec92-15bc-47b1-8edb-d0c5d10aaddc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis connectedclients Alert", + "description": "Policy to Audit/Deploy Cache Redis connectedclients Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "850" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connectedclients" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connectedclients-threshold-Override_'), field('tags._amba-connectedclients-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connectedclients')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis connectedclients", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connectedclients", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "connectedclients", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connectedclients-threshold-Override_'), field('tags._amba-connectedclients-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json b/services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json new file mode 100644 index 000000000..ecae12c9e --- /dev/null +++ b/services/Cache/Redis/templates/policy/errors_24b37318-9353-4424-9d8e-ac28450328b6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "24b37318-9353-4424-9d8e-ac28450328b6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis errors Alert", + "description": "Policy to Audit/Deploy Cache Redis errors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "errors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-errors-threshold-Override_'), field('tags._amba-errors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-errors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis errors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "errors", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "errors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-errors-threshold-Override_'), field('tags._amba-errors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json b/services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json new file mode 100644 index 000000000..cd9d137c9 --- /dev/null +++ b/services/Cache/Redis/templates/policy/percentProcessorTime_8d5df17c-a5b7-4cf1-a01e-f9d8625297a6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8d5df17c-a5b7-4cf1-a01e-f9d8625297a6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis percentProcessorTime Alert", + "description": "Policy to Audit/Deploy Cache Redis percentProcessorTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "percentProcessorTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-percentProcessorTime-threshold-Override_'), field('tags._amba-percentProcessorTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-percentProcessorTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis percentProcessorTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "percentProcessorTime", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "percentProcessorTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-percentProcessorTime-threshold-Override_'), field('tags._amba-percentProcessorTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json b/services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json new file mode 100644 index 000000000..3e0a018ff --- /dev/null +++ b/services/Cache/Redis/templates/policy/serverLoad_837ecf42-3f25-41ae-b97d-34193f0669da.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "837ecf42-3f25-41ae-b97d-34193f0669da", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis serverLoad Alert", + "description": "Policy to Audit/Deploy Cache Redis serverLoad Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "serverLoad" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-serverLoad-threshold-Override_'), field('tags._amba-serverLoad-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-serverLoad')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis serverLoad", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "serverLoad", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "serverLoad", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-serverLoad-threshold-Override_'), field('tags._amba-serverLoad-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json b/services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json new file mode 100644 index 000000000..cc86641cb --- /dev/null +++ b/services/Cache/Redis/templates/policy/usedmemoryRss_1b68776d-4d11-4d27-96c5-4d51cf17e1fc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1b68776d-4d11-4d27-96c5-4d51cf17e1fc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis usedmemoryRss Alert", + "description": "Policy to Audit/Deploy Cache Redis usedmemoryRss Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "11000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usedmemoryRss" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usedmemoryRss-threshold-Override_'), field('tags._amba-usedmemoryRss-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usedmemoryRss')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis usedmemoryRss", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usedmemoryRss", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "usedmemoryRss", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usedmemoryRss-threshold-Override_'), field('tags._amba-usedmemoryRss-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json b/services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json new file mode 100644 index 000000000..8066e883e --- /dev/null +++ b/services/Cache/Redis/templates/policy/usedmemory_aecc75bf-f961-4c22-86e9-84c5039a2938.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "aecc75bf-f961-4c22-86e9-84c5039a2938", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis usedmemory Alert", + "description": "Policy to Audit/Deploy Cache Redis usedmemory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usedmemory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usedmemory-threshold-Override_'), field('tags._amba-usedmemory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usedmemory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis usedmemory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usedmemory", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "usedmemory", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usedmemory-threshold-Override_'), field('tags._amba-usedmemory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json b/services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json new file mode 100644 index 000000000..9290f392c --- /dev/null +++ b/services/Cache/Redis/templates/policy/usedmemorypercentage_d6c4011c-f4e6-4b12-b6e6-9486eab0fecc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d6c4011c-f4e6-4b12-b6e6-9486eab0fecc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cache Redis usedmemorypercentage Alert", + "description": "Policy to Audit/Deploy Cache Redis usedmemorypercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cache/Redis" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usedmemorypercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cache/Redis/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usedmemorypercentage-threshold-Override_'), field('tags._amba-usedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usedmemorypercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cache Redis usedmemorypercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usedmemorypercentage", + "metricNamespace": "Microsoft.Cache/Redis", + "metricName": "usedmemorypercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usedmemorypercentage-threshold-Override_'), field('tags._amba-usedmemorypercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json b/services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json new file mode 100644 index 000000000..d5faf03b2 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/ByteHitRatio_5e8aaa27-e5b3-4774-9807-af61ec96b001.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5e8aaa27-e5b3-4774-9807-af61ec96b001", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles ByteHitRatio Alert", + "description": "Policy to Audit/Deploy Cdn profiles ByteHitRatio Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ByteHitRatio" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ByteHitRatio-threshold-Override_'), field('tags._amba-ByteHitRatio-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ByteHitRatio')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles ByteHitRatio", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ByteHitRatio", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "ByteHitRatio", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ByteHitRatio-threshold-Override_'), field('tags._amba-ByteHitRatio-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json b/services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json new file mode 100644 index 000000000..23dbe9c48 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/OriginHealthPercentage_c42138d4-bb4c-4171-8802-ba44d671d72f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c42138d4-bb4c-4171-8802-ba44d671d72f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles OriginHealthPercentage Alert", + "description": "Policy to Audit/Deploy Cdn profiles OriginHealthPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OriginHealthPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OriginHealthPercentage-threshold-Override_'), field('tags._amba-OriginHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OriginHealthPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles OriginHealthPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OriginHealthPercentage", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "OriginHealthPercentage", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OriginHealthPercentage-threshold-Override_'), field('tags._amba-OriginHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json b/services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json new file mode 100644 index 000000000..17accc153 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/PercentageXX_c47441d4-7061-4acd-8ad8-69e52d00557c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c47441d4-7061-4acd-8ad8-69e52d00557c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles Percentage5XX Alert", + "description": "Policy to Audit/Deploy Cdn profiles Percentage5XX Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage5XX" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage5XX-threshold-Override_'), field('tags._amba-Percentage5XX-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage5XX')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles Percentage5XX", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage5XX", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "Percentage5XX", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage5XX-threshold-Override_'), field('tags._amba-Percentage5XX-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json b/services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json new file mode 100644 index 000000000..b56c0ab10 --- /dev/null +++ b/services/Cdn/profiles/templates/policy/RequestCount_cf6babc2-f623-4f12-a352-c30a02bcb6c6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cf6babc2-f623-4f12-a352-c30a02bcb6c6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles RequestCount Alert", + "description": "Policy to Audit/Deploy Cdn profiles RequestCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RequestCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RequestCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles RequestCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RequestCount", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "RequestCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json b/services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json new file mode 100644 index 000000000..8a06b3b8c --- /dev/null +++ b/services/Cdn/profiles/templates/policy/TotalLatency_5fb9c4bf-3799-44e0-bd75-656d1cfa26d2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5fb9c4bf-3799-44e0-bd75-656d1cfa26d2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Cdn profiles TotalLatency Alert", + "description": "Policy to Audit/Deploy Cdn profiles TotalLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Cdn", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Cdn/profiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Cdn profiles TotalLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalLatency", + "metricNamespace": "Microsoft.Cdn/profiles", + "metricName": "TotalLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json b/services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json new file mode 100644 index 000000000..2668f125b --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/BlockedCalls_87fe8679-655d-4acb-a37c-b7faebe26d47.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "87fe8679-655d-4acb-a37c-b7faebe26d47", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts BlockedCalls Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts BlockedCalls Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlockedCalls" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlockedCalls-threshold-Override_'), field('tags._amba-BlockedCalls-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlockedCalls')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts BlockedCalls", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlockedCalls", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "BlockedCalls", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlockedCalls-threshold-Override_'), field('tags._amba-BlockedCalls-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json b/services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json new file mode 100644 index 000000000..182b2e6b5 --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/ClientErrors_ec8c928a-5206-4059-8aea-8486004dd30d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ec8c928a-5206-4059-8aea-8486004dd30d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts ClientErrors Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts ClientErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ClientErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ClientErrors-threshold-Override_'), field('tags._amba-ClientErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ClientErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts ClientErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ClientErrors", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "ClientErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ClientErrors-threshold-Override_'), field('tags._amba-ClientErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json b/services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json new file mode 100644 index 000000000..bcaeaad6e --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/Latency_d76ab40a-2831-4fa2-b476-5fdcda3d7c4c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d76ab40a-2831-4fa2-b476-5fdcda3d7c4c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts Latency Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts Latency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Latency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Latency-threshold-Override_'), field('tags._amba-Latency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Latency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts Latency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Latency", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "Latency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Latency-threshold-Override_'), field('tags._amba-Latency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json b/services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json new file mode 100644 index 000000000..5991d717f --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/ServerErrors_3c550d9c-8276-4a61-b0cf-ef437a55e299.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3c550d9c-8276-4a61-b0cf-ef437a55e299", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts ServerErrors Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts ServerErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts ServerErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerErrors", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "ServerErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json b/services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json new file mode 100644 index 000000000..edccae1ed --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/SuccessRate_80f3c9ae-7da9-462f-ab44-2ff80d27c8f1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "80f3c9ae-7da9-462f-ab44-2ff80d27c8f1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts SuccessRate Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts SuccessRate Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessRate" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessRate-threshold-Override_'), field('tags._amba-SuccessRate-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessRate')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts SuccessRate", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessRate", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "SuccessRate", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessRate-threshold-Override_'), field('tags._amba-SuccessRate-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json b/services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json new file mode 100644 index 000000000..dab79b7df --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/TokenTransaction_287a29bf-097d-4c4a-9ac5-df70a10f6903.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "287a29bf-097d-4c4a-9ac5-df70a10f6903", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts TokenTransaction Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts TokenTransaction Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "180000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TokenTransaction" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TokenTransaction-threshold-Override_'), field('tags._amba-TokenTransaction-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TokenTransaction')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts TokenTransaction", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TokenTransaction", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "TokenTransaction", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TokenTransaction-threshold-Override_'), field('tags._amba-TokenTransaction-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json b/services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json new file mode 100644 index 000000000..7acc9abe5 --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/TotalCalls_07f1ae0a-94f3-41da-b3a6-ca9188e416cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "07f1ae0a-94f3-41da-b3a6-ca9188e416cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts TotalCalls Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts TotalCalls Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalCalls" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalCalls-threshold-Override_'), field('tags._amba-TotalCalls-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalCalls')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts TotalCalls", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalCalls", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "TotalCalls", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalCalls-threshold-Override_'), field('tags._amba-TotalCalls-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json b/services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json new file mode 100644 index 000000000..969535e33 --- /dev/null +++ b/services/CognitiveServices/accounts/templates/policy/TotalErrors_e228ad2d-7f9f-4843-88e2-57f6d44c59e9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e228ad2d-7f9f-4843-88e2-57f6d44c59e9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy CognitiveServices accounts TotalErrors Alert", + "description": "Policy to Audit/Deploy CognitiveServices accounts TotalErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "CognitiveServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.CognitiveServices/accounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.CognitiveServices/accounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalErrors-threshold-Override_'), field('tags._amba-TotalErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for CognitiveServices accounts TotalErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalErrors", + "metricNamespace": "Microsoft.CognitiveServices/accounts", + "metricName": "TotalErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalErrors-threshold-Override_'), field('tags._amba-TotalErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json b/services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json new file mode 100644 index 000000000..6cc2b9dbf --- /dev/null +++ b/services/Compute/cloudServices/templates/policy/PercentageCPU_e98657ed-8a0b-4992-9d20-a54e2d6065ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e98657ed-8a0b-4992-9d20-a54e2d6065ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute cloudServices Percentage CPU Alert", + "description": "Policy to Audit/Deploy Compute cloudServices Percentage CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/cloudServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/cloudServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/cloudServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute cloudServices Percentage CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage CPU", + "metricNamespace": "Microsoft.Compute/cloudServices", + "metricName": "Percentage CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json b/services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json new file mode 100644 index 000000000..d81c90fbe --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/AvailableMemoryBytes_d9089d09-ddec-4f6a-8dc1-e2544e5765cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d9089d09-ddec-4f6a-8dc1-e2544e5765cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Available Memory Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Available Memory Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Available Memory Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Available Memory Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Available Memory Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Available Memory Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Available Memory Bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json b/services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json new file mode 100644 index 000000000..c4e3aa393 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/DataDiskIOPSConsumedPercentage_a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a8c08a0f-fcd7-4b97-8a6e-06b34bac0b9f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Data Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Data Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Data Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Data Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json b/services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json new file mode 100644 index 000000000..1c44fafa6 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/DiskReadOperationsSec_ea8be16a-f5e9-4a8b-a1df-a8c5efff039b.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea8be16a-f5e9-4a8b-a1df-a8c5efff039b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Disk Read Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Disk Read Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Read Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Read Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Disk Read Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Read Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Disk Read Operations/Sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json b/services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json new file mode 100644 index 000000000..f9403404c --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/DiskWriteOperationsSec_dce1cda8-1dab-4941-b607-1d5d449709d5.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dce1cda8-1dab-4941-b607-1d5d449709d5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Disk Write Operations/Sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json b/services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json new file mode 100644 index 000000000..03ae24f54 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/InboundFlows_86991e6e-efc9-4898-adf8-4e8e3a60c57e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "86991e6e-efc9-4898-adf8-4e8e3a60c57e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Inbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Inbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Inbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Inbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Inbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Inbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Inbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json new file mode 100644 index 000000000..864d4183c --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkInTotal_f0e94112-5509-47b6-8def-91fb5ca5d0cd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0e94112-5509-47b6-8def-91fb5ca5d0cd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Network In Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Network In Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "700000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network In Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network In Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Network In Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network In Total", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Network In Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json new file mode 100644 index 000000000..77f39c0d7 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkIn_87dfe717-217f-4447-b59a-7ea39160b83a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "87dfe717-217f-4447-b59a-7ea39160b83a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Network In Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Network In Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network In" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network In-threshold-Override_'), field('tags._amba-Network In-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network In')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Network In", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network In", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Network In", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network In-threshold-Override_'), field('tags._amba-Network In-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json new file mode 100644 index 000000000..61fdd8c2b --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/NetworkOutTotal_98de2aed-3493-4e65-919b-b1f8e6995819.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "98de2aed-3493-4e65-919b-b1f8e6995819", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Network Out Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Network Out Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "700000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network Out Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network Out Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Network Out Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network Out Total", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Network Out Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json b/services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json new file mode 100644 index 000000000..52cdfc452 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/OSDiskIOPSConsumedPercentage_55dc79f4-5666-420f-8c53-141d73e01fee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "55dc79f4-5666-420f-8c53-141d73e01fee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets OS Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets OS Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets OS Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "OS Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json b/services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json new file mode 100644 index 000000000..fbcdc5d3b --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/OutboundFlows_d336cfa2-724e-419a-809d-c716741d5279.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d336cfa2-724e-419a-809d-c716741d5279", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Outbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Outbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Outbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Outbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Outbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Outbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Outbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json b/services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json new file mode 100644 index 000000000..e1a9daa79 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/PercentageCPU_310c2a27-8933-434e-a366-cb35831cde44.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "310c2a27-8933-434e-a366-cb35831cde44", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets Percentage CPU Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets Percentage CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets Percentage CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage CPU", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "Percentage CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json b/services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json new file mode 100644 index 000000000..2e69bfcd7 --- /dev/null +++ b/services/Compute/virtualMachineScaleSets/templates/policy/VmAvailabilityMetric_6cf11f1e-273a-4f42-bf9b-9310b26c1c4f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6cf11f1e-273a-4f42-bf9b-9310b26c1c4f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachineScaleSets VmAvailabilityMetric Alert", + "description": "Policy to Audit/Deploy Compute virtualMachineScaleSets VmAvailabilityMetric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachineScaleSets" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VmAvailabilityMetric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachineScaleSets/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VmAvailabilityMetric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachineScaleSets VmAvailabilityMetric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VmAvailabilityMetric", + "metricNamespace": "Microsoft.Compute/virtualMachineScaleSets", + "metricName": "VmAvailabilityMetric", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json new file mode 100644 index 000000000..a94e0ed83 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_b0bd7c37-eb24-47c2-a032-f925594152ed.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0bd7c37-eb24-47c2-a032-f925594152ed", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Available Memory Bytes (MBytes) Alert", + "description": "Policy to Audit/Deploy VM Available Memory Bytes (MBytes) Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Available Memory Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Available Memory Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Available Memory Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Available Memory Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Available Memory Bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json new file mode 100644 index 000000000..7ddd99b8f --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/AvailableMemoryBytes_bf1e0006-6089-4f92-a115-fc83aa0fbdd5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "bf1e0006-6089-4f92-a115-fc83aa0fbdd5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Available Memory Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Available Memory Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Available Memory Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Available Memory Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Available Memory Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Available Memory Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Available Memory Bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Available Memory Bytes-threshold-Override_'), field('tags._amba-Available Memory Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json b/services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json new file mode 100644 index 000000000..710a8534a --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/AvailableMemoryPercentage_69912da3-8d8d-4d57-884a-97c2bdd03bdd.json @@ -0,0 +1,526 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_Memory_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Memory Alert", + "description": "Policy to audit/deploy VM Memory Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "LessThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowMemoryAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"|where Namespace == \"Memory\" and Name == \"AvailableMB\"| extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0| summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMMemoryAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowMemoryAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowMemoryAlert')]", + "description": "Log Alert for Virtual Machine Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"|where Namespace == \"Memory\" and Name == \"AvailableMB\"| extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0| summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" + ] + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json b/services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json new file mode 100644 index 000000000..5c254113b --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/CPUCreditsConsumed_a407ae10-6263-449c-81b9-172760d6dc6d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a407ae10-6263-449c-81b9-172760d6dc6d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines CPU Credits Consumed Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines CPU Credits Consumed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU Credits Consumed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU Credits Consumed-threshold-Override_'), field('tags._amba-CPU Credits Consumed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU Credits Consumed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines CPU Credits Consumed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU Credits Consumed", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "CPU Credits Consumed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU Credits Consumed-threshold-Override_'), field('tags._amba-CPU Credits Consumed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json b/services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json new file mode 100644 index 000000000..e52b372c3 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/CPUCreditsRemaining_821888a1-6490-4a2d-8850-bdc45057a853.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "821888a1-6490-4a2d-8850-bdc45057a853", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines CPU Credits Remaining Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines CPU Credits Remaining Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU Credits Remaining" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU Credits Remaining-threshold-Override_'), field('tags._amba-CPU Credits Remaining-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU Credits Remaining')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines CPU Credits Remaining", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU Credits Remaining", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "CPU Credits Remaining", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU Credits Remaining-threshold-Override_'), field('tags._amba-CPU Credits Remaining-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json b/services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json new file mode 100644 index 000000000..f51de4262 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskBandwidthConsumedPercentage_b57b0749-f851-4c3d-b7fb-7cf26f3bf16a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b57b0749-f851-4c3d-b7fb-7cf26f3bf16a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json b/services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json new file mode 100644 index 000000000..edf5e7fd7 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskFreeSpacePercentage_5dbf3a3d-7f08-4deb-a153-129c3485da84.json @@ -0,0 +1,550 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_dataDiskSpace_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Data Disk Space Alert", + "description": "Policy to audit/deploy VM data Disk Space Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "LessThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both Windows and Linux" + }, + "defaultValue": [ + "*" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowdataDiskSpaceAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMdataDiskSpaceAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowdataDiskSpaceAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowdataDiskSpaceAlert')]", + "description": "Log Alert for Virtual Machine dataDiskSpace", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" + ] + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json b/services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json new file mode 100644 index 000000000..139d1c3ca --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskIOPSConsumedPercentage_b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0cbb9f8-cc67-4e7d-95a8-5a058c6de7e0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-Data Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json b/services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json new file mode 100644 index 000000000..52caae632 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskMaxBurstIOPS_9b0f41af-1c52-4890-a23a-3bfebfee1154.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9b0f41af-1c52-4890-a23a-3bfebfee1154", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Max Burst IOPS Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Max Burst IOPS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3750" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Max Burst IOPS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-Data Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Max Burst IOPS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Max Burst IOPS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Max Burst IOPS", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Max Burst IOPS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-Data Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json b/services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json new file mode 100644 index 000000000..bd1583200 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskQueueDepth_040bc9c3-da5c-4fd0-b160-979ce89364ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "040bc9c3-da5c-4fd0-b160-979ce89364ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Queue Depth Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Queue Depth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Queue Depth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Queue Depth-threshold-Override_'), field('tags._amba-Data Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Queue Depth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Queue Depth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Queue Depth", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Queue Depth", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Queue Depth-threshold-Override_'), field('tags._amba-Data Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json b/services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json new file mode 100644 index 000000000..4f31b9c8f --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskReadLatencyms_abddd643-e7c7-411c-b13a-64fdbb406cc8.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_dataDiskReadLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Data Disk Read Latency Alert", + "description": "Policy to audit/deploy VM dataDiskReadLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighdataDiskReadLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMdataDiskReadLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighdataDiskReadLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighdataDiskReadLatencyAlert')]", + "description": "Log Alert for Virtual Machine dataDiskReadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json b/services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json new file mode 100644 index 000000000..ad095d499 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskReadOperationsSec_3c5518ea-9a0f-44ff-b197-47b3d6db060b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3c5518ea-9a0f-44ff-b197-47b3d6db060b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Read Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Read Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Read Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Read Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Read Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Read Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Read Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json b/services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json new file mode 100644 index 000000000..1ccdd7c17 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskWriteBytessec_e45d685d-14c4-4422-8096-6f11d628fb20.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e45d685d-14c4-4422-8096-6f11d628fb20", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Write Bytes/sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Write Bytes/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Write Bytes/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-Data Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Write Bytes/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Write Bytes/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Write Bytes/sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Write Bytes/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-Data Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json b/services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json new file mode 100644 index 000000000..fab58e695 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskWriteLatencyms_5c51e187-5b5d-428d-98d8-fb9ab4fea646.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_dataDiskWriteLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Data Disk Write Latency Alert", + "description": "Policy to audit/deploy VM dataDiskWriteLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighdataDiskWriteLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMdataDiskWriteLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighdataDiskWriteLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighdataDiskWriteLatencyAlert')]", + "description": "Log Alert for Virtual Machine dataDiskWriteLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])|where Disk !in ('C:','/')| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json b/services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json new file mode 100644 index 000000000..4daa38dcb --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DataDiskWriteOperationsSec_326b359d-e0a2-4055-8e1f-f9c5f9df5599.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "326b359d-e0a2-4055-8e1f-f9c5f9df5599", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Data Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Data Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Data Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Data Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Data Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Data Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Data Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Data Disk Write Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Data Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Data Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json b/services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json new file mode 100644 index 000000000..4d3851ef3 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskReadBytes_b9221998-f2bb-4ae8-b2c8-f9c4750e06f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b9221998-f2bb-4ae8-b2c8-f9c4750e06f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Read Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Read Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "4000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Read Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Read Bytes-threshold-Override_'), field('tags._amba-Disk Read Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Read Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Read Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Read Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Read Bytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Read Bytes-threshold-Override_'), field('tags._amba-Disk Read Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json b/services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json new file mode 100644 index 000000000..d35078ebd --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskReadOperationsSec_8bc489c0-d2f7-43c1-9bb7-478c9503fb2e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8bc489c0-d2f7-43c1-9bb7-478c9503fb2e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Read Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Read Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Read Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Read Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Read Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Read Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Read Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Read Operations/Sec-threshold-Override_'), field('tags._amba-Disk Read Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json b/services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json new file mode 100644 index 000000000..79a479ac0 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskWriteBytes_b1cc650c-24fe-4f9e-a2ec-5757816526c0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b1cc650c-24fe-4f9e-a2ec-5757816526c0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Write Bytes Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Write Bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3500000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Write Bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Write Bytes-threshold-Override_'), field('tags._amba-Disk Write Bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Write Bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Write Bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Write Bytes", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Write Bytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Write Bytes-threshold-Override_'), field('tags._amba-Disk Write Bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json b/services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json new file mode 100644 index 000000000..74a131e05 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/DiskWriteOperationsSec_edff41cb-d9b8-46ba-ba39-42747c1a4c4b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "edff41cb-d9b8-46ba-ba39-42747c1a4c4b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Disk Write Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json b/services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json new file mode 100644 index 000000000..47c687505 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/InboundFlows_6de4e570-4270-4e9b-949e-5680b061e7fd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6de4e570-4270-4e9b-949e-5680b061e7fd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Inbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Inbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Inbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Inbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Inbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Inbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Inbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Inbound Flows-threshold-Override_'), field('tags._amba-Inbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json b/services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json new file mode 100644 index 000000000..b40702d81 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkInTotal_ea4501a3-1e77-4df1-ab61-3ee28ae529eb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea4501a3-1e77-4df1-ab61-3ee28ae529eb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Network In Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Network In Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network In Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network In Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Network In Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network In Total", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Network In Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network In Total-threshold-Override_'), field('tags._amba-Network In Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json b/services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json new file mode 100644 index 000000000..d7f28d48b --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkOutTotal_e2028144-b142-445c-b544-3bb438537c8f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e2028144-b142-445c-b544-3bb438537c8f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Network Out Total Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Network Out Total Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Network Out Total" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Network Out Total')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Network Out Total", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Network Out Total", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Network Out Total", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Network Out Total-threshold-Override_'), field('tags._amba-Network Out Total-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json b/services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json new file mode 100644 index 000000000..3d6721e23 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkReadbytessec_b565e73f-71c8-4bb3-a792-903b67775497.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_NetworkIn_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Network Read Alert", + "description": "Policy to audit/deploy VM Network Read Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000000" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "networkInterfacesToInclude": { + "type": "array", + "metadata": { + "displayName": "Network Interface to be included to be monitored", + "description": "Array of Network Interface to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighNetworkInAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "computersToInclude": { + "type": "array" + }, + "networkInterfacesToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMNetworkInAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighNetworkInAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighNetworkInAlert')]", + "description": "Log Alert for Virtual Machine NetworkIn", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "NetworkInterface", + "operator": "Include", + "values": "[[parameters('networkInterfacesToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json b/services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json new file mode 100644 index 000000000..643ce24ab --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/NetworkWritebytessec_552ca1f1-d69d-4bc2-b044-19f81b225fd4.json @@ -0,0 +1,567 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_NetworkOut_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM Network Write Alert", + "description": "Policy to audit/deploy VM Network Out Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000000" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "networkInterfacesToInclude": { + "type": "array", + "metadata": { + "displayName": "Network Interface to be included to be monitored", + "description": "Array of Network Interface to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighNetworkOutAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "computersToInclude": { + "type": "array" + }, + "networkInterfacesToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMNetworkOutAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", + "description": "Log Alert for Virtual Machine NetworkOut", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\"| extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"])|summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "NetworkInterface", + "operator": "Include", + "values": "[[parameters('networkInterfacesToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "networkInterfacesToInclude": { + "value": "[[parameters('networkInterfacesToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json b/services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json new file mode 100644 index 000000000..5c6a218f8 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskBandwidthConsumedPercentage_f7e19635-0118-4040-83d5-2f4c2150aef1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f7e19635-0118-4040-83d5-2f4c2150aef1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json b/services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json new file mode 100644 index 000000000..b50872ee8 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskFreeSpacePercentage_dca7af9f-cad2-4751-a61f-77d92c2ce523.json @@ -0,0 +1,568 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_OSDiskSpace_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM OS Disk Space Alert", + "description": "Policy to audit/deploy VM OSDiskSpace Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "LessThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "C:", + "/" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMOSDiskSpaceAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", + "description": "Log Alert for Virtual Machine OSDiskSpace", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json b/services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json new file mode 100644 index 000000000..fcbbd7041 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskIOPSConsumedPercentage_a2bf3c43-d327-473b-9204-f77e2a0fe398.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a2bf3c43-d327-473b-9204-f77e2a0fe398", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-OS Disk IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json b/services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json new file mode 100644 index 000000000..6e6b1191f --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskMaxBurstIOPS_916dc60b-b2d2-4708-9fa4-6a36b244f499.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "916dc60b-b2d2-4708-9fa4-6a36b244f499", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Max Burst IOPS Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Max Burst IOPS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Max Burst IOPS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-OS Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Max Burst IOPS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Max Burst IOPS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Max Burst IOPS", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Max Burst IOPS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Max Burst IOPS-threshold-Override_'), field('tags._amba-OS Disk Max Burst IOPS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json b/services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json new file mode 100644 index 000000000..3842d547a --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskQueueDepth_36262245-4c8a-4143-9ab4-68e9c23ae19a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "36262245-4c8a-4143-9ab4-68e9c23ae19a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Queue Depth Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Queue Depth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Queue Depth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Queue Depth-threshold-Override_'), field('tags._amba-OS Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Queue Depth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Queue Depth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Queue Depth", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Queue Depth", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Queue Depth-threshold-Override_'), field('tags._amba-OS Disk Queue Depth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json b/services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json new file mode 100644 index 000000000..78bd96dc8 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskReadLatencyms_299ce963-728a-48c8-8b7d-e05b5f8a8f38.json @@ -0,0 +1,568 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_OSDiskreadLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM OS Disk Read Latency Alert", + "description": "Policy to audit/deploy VM OSDiskreadLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "C:", + "/" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowOSDiskreadLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMOSDiskreadLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowOSDiskreadLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowOSDiskreadLatencyAlert')]", + "description": "Log Alert for Virtual Machine OSDiskreadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json b/services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json new file mode 100644 index 000000000..7e0cc4fdd --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskWriteBytessec_929b095e-5ea1-48b4-bf4e-bfc1a941a908.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "929b095e-5ea1-48b4-bf4e-bfc1a941a908", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Write Bytes/sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Write Bytes/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "48000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Write Bytes/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-OS Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Write Bytes/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Write Bytes/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Write Bytes/sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Write Bytes/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Write Bytes/sec-threshold-Override_'), field('tags._amba-OS Disk Write Bytes/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json b/services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json new file mode 100644 index 000000000..4050ed95e --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskWriteLatencyms_37d9da12-88e6-4c01-8772-384920d34458.json @@ -0,0 +1,568 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_OSDiskwriteLatency_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM OS Disk Write Latency Alert", + "description": "Policy to audit/deploy VM OSDiskwriteLatency Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "1" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "disksToInclude": { + "type": "array", + "metadata": { + "displayName": "Disks to be included to be monitored", + "description": "Array of disk to be monitored for disk both windows and linux" + }, + "defaultValue": [ + "C:", + "/" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMLowOSDiskwriteLatencyAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "disksToInclude": { + "type": "array" + }, + "computersToInclude": { + "type": "array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMOSDiskwriteLatencyAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMLowOSDiskwriteLatencyAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMLowOSDiskwriteLatencyAlert')]", + "description": "Log Alert for Virtual Machine OSDiskwriteLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\"| extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"])| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": "[[parameters('computersToInclude')]" + }, + { + "name": "Disk", + "operator": "Include", + "values": "[[parameters('disksToInclude')]" + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "disksToInclude": { + "value": "[[parameters('disksToInclude')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json b/services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json new file mode 100644 index 000000000..c11134b3a --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OSDiskWriteOperationsSec_3be4037a-c692-402d-843d-b3fe43053edf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3be4037a-c692-402d-843d-b3fe43053edf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines OS Disk Write Operations/Sec Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines OS Disk Write Operations/Sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OS Disk Write Operations/Sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OS Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-OS Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OS Disk Write Operations/Sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines OS Disk Write Operations/Sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OS Disk Write Operations/Sec", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "OS Disk Write Operations/Sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OS Disk Write Operations/Sec-threshold-Override_'), field('tags._amba-OS Disk Write Operations/Sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json b/services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json new file mode 100644 index 000000000..0fcf44cba --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/OutboundFlows_a477bf96-4b0f-471c-b5d3-0acdb59612e6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a477bf96-4b0f-471c-b5d3-0acdb59612e6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Outbound Flows Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Outbound Flows Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Outbound Flows" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Outbound Flows')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Outbound Flows", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Outbound Flows", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Outbound Flows", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Outbound Flows-threshold-Override_'), field('tags._amba-Outbound Flows-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json b/services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json new file mode 100644 index 000000000..7ae621382 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/PercentageCPU_a9bac9fd-2382-4ce1-b68b-8898caf45038.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9bac9fd-2382-4ce1-b68b-8898caf45038", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines Percentage CPU Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines Percentage CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Percentage CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Percentage CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines Percentage CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Percentage CPU", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "Percentage CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Percentage CPU-threshold-Override_'), field('tags._amba-Percentage CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json b/services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json new file mode 100644 index 000000000..0d716ea56 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/ProcessorUtilizationPercentage_56d57b79-b7c3-4a17-a96b-3fc7152d9c5c.json @@ -0,0 +1,509 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_VM_CPU_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VM CPU Alert", + "description": "Policy to audit/deploy VM CPU Alert", + "metadata": { + "version": "1.2.0", + "category": "Compute", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "Equals", + "GreaterThan", + "GreaterThanOrEqual", + "LessThan", + "LessThanOrEqual" + ], + "defaultValue": "GreaterThan" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Average", + "Count", + "Maximum", + "Minimum", + "Total" + ], + "defaultValue": "Average" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-VMHighCPUAlert')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledqueryrules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold", + "equals": "[[parameters('threshold')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "1" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Processor\" and Name == \"UtilizationPercentage\"| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "VMCPUAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-VMHighCPUAlert')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-VMHighCPUAlert')]", + "description": "Log Alert for Virtual Machine CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "Microsoft.Compute/virtualMachines" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "InsightsMetrics| where Origin == \"vm.azm.ms\"| where Namespace == \"Processor\" and Name == \"UtilizationPercentage\"| summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId", + "metricMeasureColumn": "AggregatedValue", + "threshold": "[[parameters('threshold')]", + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + { + "name": "Computer", + "operator": "Include", + "values": [ + "*" + ] + } + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "1", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json b/services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json new file mode 100644 index 000000000..9cae01ec3 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMCachedBandwidthConsumedPercentage_eb85f15b-b705-418f-b8ed-93d8cc7a9a6c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb85f15b-b705-418f-b8ed-93d8cc7a9a6c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Cached Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Cached Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Cached Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Cached Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Cached Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Cached Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Cached Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json b/services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json new file mode 100644 index 000000000..4918f92e7 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMCachedIOPSConsumedPercentage_c878115f-2a89-446e-8980-ef4f152120c5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c878115f-2a89-446e-8980-ef4f152120c5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Cached IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Cached IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Cached IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Cached IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Cached IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Cached IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Cached IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Cached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json b/services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json new file mode 100644 index 000000000..808ec8184 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMUncachedBandwidthConsumedPercentage_e3981e7b-fd8b-4e07-bb68-d598c020c12d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e3981e7b-fd8b-4e07-bb68-d598c020c12d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Uncached Bandwidth Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Uncached Bandwidth Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Uncached Bandwidth Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Uncached Bandwidth Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Uncached Bandwidth Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Uncached Bandwidth Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Uncached Bandwidth Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached Bandwidth Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json b/services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json new file mode 100644 index 000000000..de2754c76 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VMUncachedIOPSConsumedPercentage_765ceb5b-ec1d-44d7-b94d-bb139030df81.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "765ceb5b-ec1d-44d7-b94d-bb139030df81", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VM Uncached IOPS Consumed Percentage Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VM Uncached IOPS Consumed Percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VM Uncached IOPS Consumed Percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VM Uncached IOPS Consumed Percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VM Uncached IOPS Consumed Percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VM Uncached IOPS Consumed Percentage", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VM Uncached IOPS Consumed Percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), field('tags._amba-VM Uncached IOPS Consumed Percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json b/services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json new file mode 100644 index 000000000..52f05a507 --- /dev/null +++ b/services/Compute/virtualMachines/templates/policy/VmAvailabilityMetric_3fa5376a-705a-48e4-b314-6282a74c9f7c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3fa5376a-705a-48e4-b314-6282a74c9f7c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Compute virtualMachines VmAvailabilityMetric Alert", + "description": "Policy to Audit/Deploy Compute virtualMachines VmAvailabilityMetric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Compute", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Compute/virtualMachines" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VmAvailabilityMetric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Compute/virtualMachines/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VmAvailabilityMetric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Compute virtualMachines VmAvailabilityMetric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VmAvailabilityMetric", + "metricNamespace": "Microsoft.Compute/virtualMachines", + "metricName": "VmAvailabilityMetric", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VmAvailabilityMetric-threshold-Override_'), field('tags._amba-VmAvailabilityMetric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json b/services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json new file mode 100644 index 000000000..bc907bb23 --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/CpuUsage_970af9d6-9212-420d-af7b-4fbd790a2596.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "970af9d6-9212-420d-af7b-4fbd790a2596", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups CpuUsage Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups CpuUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups CpuUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuUsage", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "CpuUsage", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json b/services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json new file mode 100644 index 000000000..e2c8eab1c --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/MemoryUsage_4758386e-12ee-411a-9e49-445b5c5c3051.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4758386e-12ee-411a-9e49-445b5c5c3051", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups MemoryUsage Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups MemoryUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups MemoryUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryUsage", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "MemoryUsage", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json new file mode 100644 index 000000000..d55b0c49a --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesReceivedPerSecond_8beff742-9cd8-43ed-9680-57ae35bee6e8.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8beff742-9cd8-43ed-9680-57ae35bee6e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups NetworkBytesReceivedPerSecond Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups NetworkBytesReceivedPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NetworkBytesReceivedPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NetworkBytesReceivedPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups NetworkBytesReceivedPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NetworkBytesReceivedPerSecond", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "NetworkBytesReceivedPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json new file mode 100644 index 000000000..ce6cd6ebe --- /dev/null +++ b/services/ContainerInstance/containerGroups/templates/policy/NetworkBytesTransmittedPerSecond_5b26b965-2662-4a89-9d7e-771486357f39.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5b26b965-2662-4a89-9d7e-771486357f39", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerInstance containerGroups NetworkBytesTransmittedPerSecond Alert", + "description": "Policy to Audit/Deploy ContainerInstance containerGroups NetworkBytesTransmittedPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerInstance", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerInstance/containerGroups" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NetworkBytesTransmittedPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerInstance/containerGroups/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NetworkBytesTransmittedPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerInstance containerGroups NetworkBytesTransmittedPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NetworkBytesTransmittedPerSecond", + "metricNamespace": "Microsoft.ContainerInstance/containerGroups", + "metricName": "NetworkBytesTransmittedPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json b/services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json new file mode 100644 index 000000000..bb1ff6ecc --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/StorageUsed_42995506-5bd2-4687-9316-d9399919990b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "42995506-5bd2-4687-9316-d9399919990b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries StorageUsed Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries StorageUsed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageUsed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageUsed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries StorageUsed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageUsed", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "StorageUsed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json b/services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json new file mode 100644 index 000000000..969987d16 --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/StorageUsed_fa9efde4-3586-4595-a442-b7e97f70fe91.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fa9efde4-3586-4595-a442-b7e97f70fe91", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries StorageUsed Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries StorageUsed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "429496729600" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageUsed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageUsed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries StorageUsed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageUsed", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "StorageUsed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageUsed-threshold-Override_'), field('tags._amba-StorageUsed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json b/services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json new file mode 100644 index 000000000..7d711a072 --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/SuccessfulPullCount_b8c8a846-a8d0-4e8f-b854-030955a20135.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b8c8a846-a8d0-4e8f-b854-030955a20135", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries SuccessfulPullCount Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries SuccessfulPullCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessfulPullCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessfulPullCount-threshold-Override_'), field('tags._amba-SuccessfulPullCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessfulPullCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries SuccessfulPullCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessfulPullCount", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "SuccessfulPullCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessfulPullCount-threshold-Override_'), field('tags._amba-SuccessfulPullCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json b/services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json new file mode 100644 index 000000000..08bf8cc4e --- /dev/null +++ b/services/ContainerRegistry/registries/templates/policy/SuccessfulPushCount_9dca87c2-de00-40fd-b0bb-c8335e5f978a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9dca87c2-de00-40fd-b0bb-c8335e5f978a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerRegistry registries SuccessfulPushCount Alert", + "description": "Policy to Audit/Deploy ContainerRegistry registries SuccessfulPushCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerRegistry", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerRegistry/registries" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessfulPushCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerRegistry/registries/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessfulPushCount-threshold-Override_'), field('tags._amba-SuccessfulPushCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessfulPushCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerRegistry registries SuccessfulPushCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessfulPushCount", + "metricNamespace": "Microsoft.ContainerRegistry/registries", + "metricName": "SuccessfulPushCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessfulPushCount-threshold-Override_'), field('tags._amba-SuccessfulPushCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json new file mode 100644 index 000000000..0fad2e90b --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_cluster_safe_to_autoscale_49fd8bac-d061-459d-8d80-a048c4c8ba56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49fd8bac-d061-459d-8d80-a048c4c8ba56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters cluster_autoscaler_cluster_safe_to_autoscale Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters cluster_autoscaler_cluster_safe_to_autoscale Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cluster_autoscaler_cluster_safe_to_autoscale" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), field('tags._amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cluster_autoscaler_cluster_safe_to_autoscale')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters cluster_autoscaler_cluster_safe_to_autoscale", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cluster_autoscaler_cluster_safe_to_autoscale", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "cluster_autoscaler_cluster_safe_to_autoscale", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), field('tags._amba-cluster_autoscaler_cluster_safe_to_autoscale-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json new file mode 100644 index 000000000..5ffb329f8 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/cluster_autoscaler_unschedulable_pods_count_301ca0e3-fc88-4285-be99-a2a587c412f5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "301ca0e3-fc88-4285-be99-a2a587c412f5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters cluster_autoscaler_unschedulable_pods_count Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters cluster_autoscaler_unschedulable_pods_count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cluster_autoscaler_unschedulable_pods_count" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), field('tags._amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cluster_autoscaler_unschedulable_pods_count')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters cluster_autoscaler_unschedulable_pods_count", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cluster_autoscaler_unschedulable_pods_count", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "cluster_autoscaler_unschedulable_pods_count", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), field('tags._amba-cluster_autoscaler_unschedulable_pods_count-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json new file mode 100644 index 000000000..6603c4ee8 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_cpu_cores_64a872f9-5ec6-4121-acad-edd12f4c3466.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "64a872f9-5ec6-4121-acad-edd12f4c3466", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_node_status_allocatable_cpu_cores Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_node_status_allocatable_cpu_cores Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_node_status_allocatable_cpu_cores" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_node_status_allocatable_cpu_cores')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_node_status_allocatable_cpu_cores", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_node_status_allocatable_cpu_cores", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_node_status_allocatable_cpu_cores", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_cpu_cores-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json new file mode 100644 index 000000000..e039de4a4 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_node_status_allocatable_memory_bytes_14fa63fb-7da9-4d2e-9de9-203c4a3e0401.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14fa63fb-7da9-4d2e-9de9-203c4a3e0401", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_node_status_allocatable_memory_bytes Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_node_status_allocatable_memory_bytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2147483648" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_node_status_allocatable_memory_bytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_node_status_allocatable_memory_bytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_node_status_allocatable_memory_bytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_node_status_allocatable_memory_bytes", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_node_status_allocatable_memory_bytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), field('tags._amba-kube_node_status_allocatable_memory_bytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json b/services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json new file mode 100644 index 000000000..746fea8f2 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_node_status_condition_ebbbbb92-5208-4d52-b407-6bea8e4473b9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ebbbbb92-5208-4d52-b407-6bea8e4473b9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_node_status_condition Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_node_status_condition Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_node_status_condition" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_node_status_condition-threshold-Override_'), field('tags._amba-kube_node_status_condition-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_node_status_condition')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_node_status_condition", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_node_status_condition", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_node_status_condition", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_node_status_condition-threshold-Override_'), field('tags._amba-kube_node_status_condition-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json new file mode 100644 index 000000000..9d1e69263 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_phase_e38e6e11-ac88-4014-98c8-8e64f70b832a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e38e6e11-ac88-4014-98c8-8e64f70b832a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_pod_status_phase Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_pod_status_phase Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_pod_status_phase" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_pod_status_phase-threshold-Override_'), field('tags._amba-kube_pod_status_phase-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_pod_status_phase')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_pod_status_phase", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_pod_status_phase", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_pod_status_phase", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_pod_status_phase-threshold-Override_'), field('tags._amba-kube_pod_status_phase-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json new file mode 100644 index 000000000..a21b851bf --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/kube_pod_status_ready_cebf00b7-7294-4cf7-bc50-108f999d0c67.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cebf00b7-7294-4cf7-bc50-108f999d0c67", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters kube_pod_status_ready Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters kube_pod_status_ready Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "kube_pod_status_ready" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-kube_pod_status_ready-threshold-Override_'), field('tags._amba-kube_pod_status_ready-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-kube_pod_status_ready')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters kube_pod_status_ready", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "kube_pod_status_ready", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "kube_pod_status_ready", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-kube_pod_status_ready-threshold-Override_'), field('tags._amba-kube_pod_status_ready-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json b/services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json new file mode 100644 index 000000000..1459ade7b --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_cpu_usage_percentage_1303e91d-bc80-4ec2-937e-1d179fc32b43.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1303e91d-bc80-4ec2-937e-1d179fc32b43", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_cpu_usage_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_cpu_usage_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_cpu_usage_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_cpu_usage_percentage-threshold-Override_'), field('tags._amba-node_cpu_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_cpu_usage_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_cpu_usage_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_cpu_usage_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_cpu_usage_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_cpu_usage_percentage-threshold-Override_'), field('tags._amba-node_cpu_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json b/services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json new file mode 100644 index 000000000..a95990fc6 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_disk_usage_percentage_aa3c5697-5cca-4c16-a37e-94f1d580701e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "aa3c5697-5cca-4c16-a37e-94f1d580701e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_disk_usage_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_disk_usage_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_disk_usage_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_disk_usage_percentage-threshold-Override_'), field('tags._amba-node_disk_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_disk_usage_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_disk_usage_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_disk_usage_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_disk_usage_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_disk_usage_percentage-threshold-Override_'), field('tags._amba-node_disk_usage_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json b/services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json new file mode 100644 index 000000000..4606846b6 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_memory_rss_percentage_e89e023e-117b-4db4-bfb2-853849e273f5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e89e023e-117b-4db4-bfb2-853849e273f5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_memory_rss_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_memory_rss_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_memory_rss_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_memory_rss_percentage-threshold-Override_'), field('tags._amba-node_memory_rss_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_memory_rss_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_memory_rss_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_memory_rss_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_memory_rss_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_memory_rss_percentage-threshold-Override_'), field('tags._amba-node_memory_rss_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json b/services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json new file mode 100644 index 000000000..c615ce8b1 --- /dev/null +++ b/services/ContainerService/managedClusters/templates/policy/node_memory_working_set_percentage_9ae2dfbf-d69b-4802-8497-8b7836bef5e9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9ae2dfbf-d69b-4802-8497-8b7836bef5e9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ContainerService managedClusters node_memory_working_set_percentage Alert", + "description": "Policy to Audit/Deploy ContainerService managedClusters node_memory_working_set_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ContainerService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ContainerService/managedClusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "node_memory_working_set_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ContainerService/managedClusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-node_memory_working_set_percentage-threshold-Override_'), field('tags._amba-node_memory_working_set_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-node_memory_working_set_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ContainerService managedClusters node_memory_working_set_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "node_memory_working_set_percentage", + "metricNamespace": "Microsoft.ContainerService/managedClusters", + "metricName": "node_memory_working_set_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-node_memory_working_set_percentage-threshold-Override_'), field('tags._amba-node_memory_working_set_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json b/services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json new file mode 100644 index 000000000..e69e50a83 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/cpu_percent_0f19979d-9dc2-4636-8e15-435bbfa1f0f9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0f19979d-9dc2-4636-8e15-435bbfa1f0f9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json b/services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json new file mode 100644 index 000000000..f01bd3959 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/io_consumption_percent_13bbfe6e-3b65-4940-9344-6d1cc78e7d54.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "13bbfe6e-3b65-4940-9344-6d1cc78e7d54", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json b/services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json new file mode 100644 index 000000000..fbee09521 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/memory_percent_faf01668-c98a-4755-ae74-9dd4151f4c39.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "faf01668-c98a-4755-ae74-9dd4151f4c39", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json b/services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json new file mode 100644 index 000000000..a30eb1c88 --- /dev/null +++ b/services/DBforMariaDB/servers/templates/policy/storage_percent_ef38051a-d9e3-4705-b208-29a421e729be.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ef38051a-d9e3-4705-b208-29a421e729be", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMariaDB servers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMariaDB servers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMariaDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMariaDB/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMariaDB/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMariaDB servers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforMariaDB/servers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json b/services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json new file mode 100644 index 000000000..08a5c729f --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/aborted_connections_269d640c-b6ba-45e1-a52f-67708f9f99d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "269d640c-b6ba-45e1-a52f-67708f9f99d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers aborted_connections Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers aborted_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "aborted_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-aborted_connections-threshold-Override_'), field('tags._amba-aborted_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-aborted_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers aborted_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "aborted_connections", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "aborted_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-aborted_connections-threshold-Override_'), field('tags._amba-aborted_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json b/services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json new file mode 100644 index 000000000..fcd8ac370 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/active_connections_347674ce-8534-403d-8281-cac9ea6f412a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "347674ce-8534-403d-8281-cac9ea6f412a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers active_connections Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json b/services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json new file mode 100644 index 000000000..70d0ec318 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/cpu_percent_218161be-4952-495b-aed1-03cccda3d42f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "218161be-4952-495b-aed1-03cccda3d42f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json b/services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json new file mode 100644 index 000000000..f6dbc8440 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/io_consumption_percent_a3601973-f48c-4bf2-8384-90d250702a79.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a3601973-f48c-4bf2-8384-90d250702a79", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json b/services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json new file mode 100644 index 000000000..f5f2e804a --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/memory_percent_757e2adf-60b8-4688-ae8f-03dd7dcd5226.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "757e2adf-60b8-4688-ae8f-03dd7dcd5226", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json b/services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json new file mode 100644 index 000000000..1bcac7781 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/replication_lag_dfe563fc-0ec1-401d-a362-8d293a06d02b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dfe563fc-0ec1-401d-a362-8d293a06d02b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers replication_lag Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers replication_lag Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "replication_lag" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-replication_lag-threshold-Override_'), field('tags._amba-replication_lag-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-replication_lag')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers replication_lag", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "replication_lag", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "replication_lag", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-replication_lag-threshold-Override_'), field('tags._amba-replication_lag-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json b/services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json new file mode 100644 index 000000000..7030fc86b --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/storage_limit_f285c23f-3b8e-428a-b289-8ff38a3c0e4b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f285c23f-3b8e-428a-b289-8ff38a3c0e4b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers storage_limit Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers storage_limit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15000000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_limit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_limit-threshold-Override_'), field('tags._amba-storage_limit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_limit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers storage_limit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_limit", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "storage_limit", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_limit-threshold-Override_'), field('tags._amba-storage_limit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json b/services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json new file mode 100644 index 000000000..e7f7cd137 --- /dev/null +++ b/services/DBforMySQL/flexibleServers/templates/policy/storage_percent_e6771f44-f6d3-4a27-a9e4-b402a79c2891.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e6771f44-f6d3-4a27-a9e4-b402a79c2891", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL flexibleServers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL flexibleServers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL flexibleServers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforMySQL/flexibleServers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json b/services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json new file mode 100644 index 000000000..fc18387e4 --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/active_connections_60453255-5e0e-4fa5-95b5-6c449bee6902.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "60453255-5e0e-4fa5-95b5-6c449bee6902", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers active_connections Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json b/services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json new file mode 100644 index 000000000..bff84b451 --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/connections_failed_f0767b27-b88b-46a1-ab90-37dc8c399358.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0767b27-b88b-46a1-ab90-37dc8c399358", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers connections_failed Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers connections_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connections_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connections_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers connections_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connections_failed", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "connections_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json b/services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json new file mode 100644 index 000000000..ed8588f6f --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/cpu_percent_173e6b88-e8a9-4763-becb-9c749878c767.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "173e6b88-e8a9-4763-becb-9c749878c767", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json b/services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json new file mode 100644 index 000000000..9c66fd3eb --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/io_consumption_percent_978944c7-a049-4847-8483-dcf5baa92f6a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "978944c7-a049-4847-8483-dcf5baa92f6a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json b/services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json new file mode 100644 index 000000000..d35f9ddbf --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/memory_percent_3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3a1dd0bd-ebe9-4f9b-b38c-88686a390bdd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json b/services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json new file mode 100644 index 000000000..80a65afde --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/seconds_behind_master_85466088-8eb2-4faa-81f2-1ea40d8b6953.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "85466088-8eb2-4faa-81f2-1ea40d8b6953", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers seconds_behind_master Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers seconds_behind_master Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3600" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "seconds_behind_master" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-seconds_behind_master-threshold-Override_'), field('tags._amba-seconds_behind_master-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-seconds_behind_master')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers seconds_behind_master", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "seconds_behind_master", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "seconds_behind_master", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-seconds_behind_master-threshold-Override_'), field('tags._amba-seconds_behind_master-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json b/services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json new file mode 100644 index 000000000..622f9564d --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/serverlog_storage_percent_af2b7bbb-9476-475a-b523-da3ee521eda7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af2b7bbb-9476-475a-b523-da3ee521eda7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers serverlog_storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers serverlog_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "serverlog_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-serverlog_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers serverlog_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "serverlog_storage_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "serverlog_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json b/services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json new file mode 100644 index 000000000..c0707c90f --- /dev/null +++ b/services/DBforMySQL/servers/templates/policy/storage_percent_4f988eb2-c420-4ef2-82ed-2569b21b70e1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4f988eb2-c420-4ef2-82ed-2569b21b70e1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforMySQL servers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforMySQL servers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforMySQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforMySQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforMySQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforMySQL servers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforMySQL/servers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json new file mode 100644 index 000000000..94ea02427 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/active_connections_f9b59221-8055-449e-bfd5-7a056945c694.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f9b59221-8055-449e-bfd5-7a056945c694", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers active_connections Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "120" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json new file mode 100644 index 000000000..390984dd9 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/connections_failed_5f9cdad0-db39-48c9-a4eb-3107b5b79414.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5f9cdad0-db39-48c9-a4eb-3107b5b79414", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers connections_failed Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers connections_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connections_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connections_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers connections_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connections_failed", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "connections_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json new file mode 100644 index 000000000..05d13952c --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/cpu_percent_389057c9-a0e0-4327-b89f-58c3dabb519d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "389057c9-a0e0-4327-b89f-58c3dabb519d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json new file mode 100644 index 000000000..e5c90929e --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/deadlocks_1904dd93-9655-403f-bb89-dc42e5ebc666.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1904dd93-9655-403f-bb89-dc42e5ebc666", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers deadlocks Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers deadlocks Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "deadlocks" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-deadlocks-threshold-Override_'), field('tags._amba-deadlocks-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-deadlocks')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers deadlocks", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "deadlocks", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "deadlocks", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-deadlocks-threshold-Override_'), field('tags._amba-deadlocks-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json new file mode 100644 index 000000000..7a6fd2bbe --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/disk_iops_consumed_percentage_5856ad80-7256-441f-8a62-af1fdc712018.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5856ad80-7256-441f-8a62-af1fdc712018", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers disk_iops_consumed_percentage Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers disk_iops_consumed_percentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "disk_iops_consumed_percentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-disk_iops_consumed_percentage-threshold-Override_'), field('tags._amba-disk_iops_consumed_percentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-disk_iops_consumed_percentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers disk_iops_consumed_percentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "disk_iops_consumed_percentage", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "disk_iops_consumed_percentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-disk_iops_consumed_percentage-threshold-Override_'), field('tags._amba-disk_iops_consumed_percentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json new file mode 100644 index 000000000..e1f7072f6 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/iops_eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb3e1fb3-83e9-4764-b6e1-532bb22ce1aa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers iops Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers iops Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "450" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "iops" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-iops-threshold-Override_'), field('tags._amba-iops-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-iops')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers iops", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "iops", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "iops", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-iops-threshold-Override_'), field('tags._amba-iops-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json new file mode 100644 index 000000000..a6de77037 --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/is_db_alive_b0ac25d8-ae08-45e1-8a1e-5204514ad7bd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0ac25d8-ae08-45e1-8a1e-5204514ad7bd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers is_db_alive Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers is_db_alive Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "is_db_alive" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-is_db_alive-threshold-Override_'), field('tags._amba-is_db_alive-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-is_db_alive')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers is_db_alive", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "is_db_alive", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "is_db_alive", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-is_db_alive-threshold-Override_'), field('tags._amba-is_db_alive-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json new file mode 100644 index 000000000..e6d8ce11b --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/maximum_used_transactionIDs_1103b9a5-3d3d-4aa8-a3c2-66958e32c220.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1103b9a5-3d3d-4aa8-a3c2-66958e32c220", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers maximum_used_transactionIDs Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers maximum_used_transactionIDs Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10737418240" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "maximum_used_transactionIDs" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-maximum_used_transactionIDs-threshold-Override_'), field('tags._amba-maximum_used_transactionIDs-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-maximum_used_transactionIDs')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers maximum_used_transactionIDs", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "maximum_used_transactionIDs", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "maximum_used_transactionIDs", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-maximum_used_transactionIDs-threshold-Override_'), field('tags._amba-maximum_used_transactionIDs-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json new file mode 100644 index 000000000..59a4a717b --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/memory_percent_0c64aa8f-4bdb-4bb0-961c-d298000536af.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0c64aa8f-4bdb-4bb0-961c-d298000536af", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json new file mode 100644 index 000000000..55d6490bb --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_free_d389ee62-f431-4faa-a4bc-4a3d02cea182.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d389ee62-f431-4faa-a4bc-4a3d02cea182", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers storage_free Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers storage_free Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10737418240" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_free" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_free-threshold-Override_'), field('tags._amba-storage_free-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_free')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers storage_free", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_free", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "storage_free", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_free-threshold-Override_'), field('tags._amba-storage_free-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json new file mode 100644 index 000000000..a1326925d --- /dev/null +++ b/services/DBforPostgreSQL/flexibleServers/templates/policy/storage_percent_e397645f-359b-46d1-8182-d2cabab71aae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e397645f-359b-46d1-8182-d2cabab71aae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL flexibleServers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL flexibleServers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/flexibleServers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/flexibleServers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL flexibleServers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/flexibleServers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json b/services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json new file mode 100644 index 000000000..c5e1619d4 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/active_connections_186c5227-a9f4-4cd0-a355-c8d28f359398.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "186c5227-a9f4-4cd0-a355-c8d28f359398", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers active_connections Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers active_connections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "120" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "active_connections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-active_connections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers active_connections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "active_connections", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "active_connections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-active_connections-threshold-Override_'), field('tags._amba-active_connections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json b/services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json new file mode 100644 index 000000000..4081f9654 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/connections_failed_0a6de1a0-e4df-470f-9bc7-247838fc428c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0a6de1a0-e4df-470f-9bc7-247838fc428c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers connections_failed Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers connections_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connections_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connections_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers connections_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connections_failed", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "connections_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connections_failed-threshold-Override_'), field('tags._amba-connections_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json b/services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json new file mode 100644 index 000000000..0fe2dec52 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/cpu_percent_a2b3fa9d-f7e8-4d1e-967c-3d661bc06708.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a2b3fa9d-f7e8-4d1e-967c-3d661bc06708", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers cpu_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json b/services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json new file mode 100644 index 000000000..e5fce1a4f --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/io_consumption_percent_ea7248bd-f96c-4391-ac48-c95312441028.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea7248bd-f96c-4391-ac48-c95312441028", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers io_consumption_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers io_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "io_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-io_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers io_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "io_consumption_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "io_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-io_consumption_percent-threshold-Override_'), field('tags._amba-io_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json b/services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json new file mode 100644 index 000000000..9e3f9eaf6 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/memory_percent_1d53e3ac-e98a-426c-81f1-aa1834c49692.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1d53e3ac-e98a-426c-81f1-aa1834c49692", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers memory_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_percent-threshold-Override_'), field('tags._amba-memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json b/services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json new file mode 100644 index 000000000..c5cb44dd6 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/pg_replica_log_delay_in_seconds_90c0997a-f96e-4a34-87c7-c394c6e8b940.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "90c0997a-f96e-4a34-87c7-c394c6e8b940", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers pg_replica_log_delay_in_seconds Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers pg_replica_log_delay_in_seconds Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "pg_replica_log_delay_in_seconds" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-pg_replica_log_delay_in_seconds-threshold-Override_'), field('tags._amba-pg_replica_log_delay_in_seconds-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-pg_replica_log_delay_in_seconds')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers pg_replica_log_delay_in_seconds", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "pg_replica_log_delay_in_seconds", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "pg_replica_log_delay_in_seconds", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-pg_replica_log_delay_in_seconds-threshold-Override_'), field('tags._amba-pg_replica_log_delay_in_seconds-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json b/services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json new file mode 100644 index 000000000..62bc7278c --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/serverlog_storage_percent_56a13163-c2b6-4235-96bd-ef1e373b19ba.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "56a13163-c2b6-4235-96bd-ef1e373b19ba", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers serverlog_storage_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers serverlog_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "serverlog_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-serverlog_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers serverlog_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "serverlog_storage_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "serverlog_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-serverlog_storage_percent-threshold-Override_'), field('tags._amba-serverlog_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json b/services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json new file mode 100644 index 000000000..752998c73 --- /dev/null +++ b/services/DBforPostgreSQL/servers/templates/policy/storage_percent_e031f8bf-ed3f-4a41-87fe-b301c1d02367.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e031f8bf-ed3f-4a41-87fe-b301c1d02367", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DBforPostgreSQL servers storage_percent Alert", + "description": "Policy to Audit/Deploy DBforPostgreSQL servers storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DBforPostgreSQL", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DBforPostgreSQL/servers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DBforPostgreSQL/servers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DBforPostgreSQL servers storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.DBforPostgreSQL/servers", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json b/services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json new file mode 100644 index 000000000..8933ceb9b --- /dev/null +++ b/services/DataFactory/factories/templates/policy/ActivityFailedRuns_980f53cb-3eef-4263-952e-e69709e2a6e7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "980f53cb-3eef-4263-952e-e69709e2a6e7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories ActivityFailedRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories ActivityFailedRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActivityFailedRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActivityFailedRuns-threshold-Override_'), field('tags._amba-ActivityFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActivityFailedRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories ActivityFailedRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActivityFailedRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "ActivityFailedRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActivityFailedRuns-threshold-Override_'), field('tags._amba-ActivityFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json b/services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json new file mode 100644 index 000000000..4e9b7cea0 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/ActivitySucceededRuns_321c2df7-c548-4e06-8729-8132b4dc3386.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "321c2df7-c548-4e06-8729-8132b4dc3386", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories ActivitySucceededRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories ActivitySucceededRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActivitySucceededRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActivitySucceededRuns-threshold-Override_'), field('tags._amba-ActivitySucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActivitySucceededRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories ActivitySucceededRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActivitySucceededRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "ActivitySucceededRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActivitySucceededRuns-threshold-Override_'), field('tags._amba-ActivitySucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json b/services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json new file mode 100644 index 000000000..6cd907b95 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/FactorySizeInGbUnits_08bfad59-0c23-4e6b-b577-e325f445a2cc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "08bfad59-0c23-4e6b-b577-e325f445a2cc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories FactorySizeInGbUnits Alert", + "description": "Policy to Audit/Deploy DataFactory factories FactorySizeInGbUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FactorySizeInGbUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FactorySizeInGbUnits-threshold-Override_'), field('tags._amba-FactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FactorySizeInGbUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories FactorySizeInGbUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FactorySizeInGbUnits", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "FactorySizeInGbUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FactorySizeInGbUnits-threshold-Override_'), field('tags._amba-FactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json new file mode 100644 index 000000000..c6289ec0b --- /dev/null +++ b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableMemory_e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e8fec7b1-ca81-48cd-a7ea-f81cc2fcb4a5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories IntegrationRuntimeAvailableMemory Alert", + "description": "Policy to Audit/Deploy DataFactory factories IntegrationRuntimeAvailableMemory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationRuntimeAvailableMemory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationRuntimeAvailableMemory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories IntegrationRuntimeAvailableMemory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationRuntimeAvailableMemory", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "IntegrationRuntimeAvailableMemory", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableMemory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json new file mode 100644 index 000000000..d34defd2f --- /dev/null +++ b/services/DataFactory/factories/templates/policy/IntegrationRuntimeAvailableNodeNumber_4b40d85d-f0be-41e5-9d60-ad9a99c54a41.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4b40d85d-f0be-41e5-9d60-ad9a99c54a41", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories IntegrationRuntimeAvailableNodeNumber Alert", + "description": "Policy to Audit/Deploy DataFactory factories IntegrationRuntimeAvailableNodeNumber Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationRuntimeAvailableNodeNumber" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationRuntimeAvailableNodeNumber')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories IntegrationRuntimeAvailableNodeNumber", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationRuntimeAvailableNodeNumber", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "IntegrationRuntimeAvailableNodeNumber", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), field('tags._amba-IntegrationRuntimeAvailableNodeNumber-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json b/services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json new file mode 100644 index 000000000..3b58b494d --- /dev/null +++ b/services/DataFactory/factories/templates/policy/IntegrationRuntimeCpuPercentage_473c5450-95cc-4f86-bb8a-d0a06edd1357.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "473c5450-95cc-4f86-bb8a-d0a06edd1357", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories IntegrationRuntimeCpuPercentage Alert", + "description": "Policy to Audit/Deploy DataFactory factories IntegrationRuntimeCpuPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationRuntimeCpuPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), field('tags._amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationRuntimeCpuPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories IntegrationRuntimeCpuPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationRuntimeCpuPercentage", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "IntegrationRuntimeCpuPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), field('tags._amba-IntegrationRuntimeCpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json b/services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json new file mode 100644 index 000000000..4ed737172 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/MaxAllowedFactorySizeInGbUnits_71d5d464-ae1c-4383-835f-bb7369e307ea.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "71d5d464-ae1c-4383-835f-bb7369e307ea", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories MaxAllowedFactorySizeInGbUnits Alert", + "description": "Policy to Audit/Deploy DataFactory factories MaxAllowedFactorySizeInGbUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "8" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MaxAllowedFactorySizeInGbUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), field('tags._amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MaxAllowedFactorySizeInGbUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories MaxAllowedFactorySizeInGbUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MaxAllowedFactorySizeInGbUnits", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "MaxAllowedFactorySizeInGbUnits", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), field('tags._amba-MaxAllowedFactorySizeInGbUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json b/services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json new file mode 100644 index 000000000..491809e51 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/MaxAllowedResourceCount_a678b284-d23b-46e4-a8fa-75bb744a53bb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a678b284-d23b-46e4-a8fa-75bb744a53bb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories MaxAllowedResourceCount Alert", + "description": "Policy to Audit/Deploy DataFactory factories MaxAllowedResourceCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2500000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MaxAllowedResourceCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MaxAllowedResourceCount-threshold-Override_'), field('tags._amba-MaxAllowedResourceCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MaxAllowedResourceCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories MaxAllowedResourceCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MaxAllowedResourceCount", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "MaxAllowedResourceCount", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MaxAllowedResourceCount-threshold-Override_'), field('tags._amba-MaxAllowedResourceCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json b/services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json new file mode 100644 index 000000000..77566fdb8 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineCancelledRuns_f5e0a050-1994-4864-b2c3-a09dc77fb5b4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f5e0a050-1994-4864-b2c3-a09dc77fb5b4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineCancelledRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineCancelledRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineCancelledRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineCancelledRuns-threshold-Override_'), field('tags._amba-PipelineCancelledRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineCancelledRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineCancelledRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineCancelledRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineCancelledRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineCancelledRuns-threshold-Override_'), field('tags._amba-PipelineCancelledRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json b/services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json new file mode 100644 index 000000000..7089db360 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineElapsedTimeRuns_df4f3e6f-757e-4fa0-a411-b2cdf4039649.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "df4f3e6f-757e-4fa0-a411-b2cdf4039649", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineElapsedTimeRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineElapsedTimeRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineElapsedTimeRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineElapsedTimeRuns-threshold-Override_'), field('tags._amba-PipelineElapsedTimeRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineElapsedTimeRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineElapsedTimeRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineElapsedTimeRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineElapsedTimeRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineElapsedTimeRuns-threshold-Override_'), field('tags._amba-PipelineElapsedTimeRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json b/services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json new file mode 100644 index 000000000..2bdc6552e --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineFailedRuns_2dd0b760-3235-479d-86d4-c152ca76b7e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2dd0b760-3235-479d-86d4-c152ca76b7e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineFailedRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineFailedRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineFailedRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineFailedRuns-threshold-Override_'), field('tags._amba-PipelineFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineFailedRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineFailedRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineFailedRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineFailedRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineFailedRuns-threshold-Override_'), field('tags._amba-PipelineFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json b/services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json new file mode 100644 index 000000000..f22f25eb3 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/PipelineSucceededRuns_47615ecc-bf5d-47e2-8c10-f8411e6c5d56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "47615ecc-bf5d-47e2-8c10-f8411e6c5d56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories PipelineSucceededRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories PipelineSucceededRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PipelineSucceededRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PipelineSucceededRuns-threshold-Override_'), field('tags._amba-PipelineSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PipelineSucceededRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories PipelineSucceededRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PipelineSucceededRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "PipelineSucceededRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PipelineSucceededRuns-threshold-Override_'), field('tags._amba-PipelineSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json b/services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json new file mode 100644 index 000000000..a2c05ceee --- /dev/null +++ b/services/DataFactory/factories/templates/policy/ResourceCount_740b104c-1ad2-4ef7-bafc-c98f22551548.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "740b104c-1ad2-4ef7-bafc-c98f22551548", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories ResourceCount Alert", + "description": "Policy to Audit/Deploy DataFactory factories ResourceCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1700000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ResourceCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ResourceCount-threshold-Override_'), field('tags._amba-ResourceCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ResourceCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories ResourceCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ResourceCount", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "ResourceCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ResourceCount-threshold-Override_'), field('tags._amba-ResourceCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json b/services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json new file mode 100644 index 000000000..bda8f6e71 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/SSISIntegrationRuntimeStartFailed_5f2a0272-792a-4cdd-ba94-9f46db438a0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5f2a0272-792a-4cdd-ba94-9f46db438a0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories SSISIntegrationRuntimeStartFailed Alert", + "description": "Policy to Audit/Deploy DataFactory factories SSISIntegrationRuntimeStartFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SSISIntegrationRuntimeStartFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), field('tags._amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SSISIntegrationRuntimeStartFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories SSISIntegrationRuntimeStartFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SSISIntegrationRuntimeStartFailed", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "SSISIntegrationRuntimeStartFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), field('tags._amba-SSISIntegrationRuntimeStartFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json b/services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json new file mode 100644 index 000000000..07e52c70e --- /dev/null +++ b/services/DataFactory/factories/templates/policy/SSISPackageExecutionFailed_c30b6089-59c5-4452-b382-d33152be9b03.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c30b6089-59c5-4452-b382-d33152be9b03", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories SSISPackageExecutionFailed Alert", + "description": "Policy to Audit/Deploy DataFactory factories SSISPackageExecutionFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SSISPackageExecutionFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SSISPackageExecutionFailed-threshold-Override_'), field('tags._amba-SSISPackageExecutionFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SSISPackageExecutionFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories SSISPackageExecutionFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SSISPackageExecutionFailed", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "SSISPackageExecutionFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SSISPackageExecutionFailed-threshold-Override_'), field('tags._amba-SSISPackageExecutionFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json b/services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json new file mode 100644 index 000000000..d79bfa883 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/TriggerFailedRuns_9c7bde49-f0c2-4a07-b150-5dc9464fcf29.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9c7bde49-f0c2-4a07-b150-5dc9464fcf29", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories TriggerFailedRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories TriggerFailedRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerFailedRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggerFailedRuns-threshold-Override_'), field('tags._amba-TriggerFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerFailedRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories TriggerFailedRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerFailedRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "TriggerFailedRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggerFailedRuns-threshold-Override_'), field('tags._amba-TriggerFailedRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json b/services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json new file mode 100644 index 000000000..d780f1968 --- /dev/null +++ b/services/DataFactory/factories/templates/policy/TriggerSucceededRuns_b8286cfa-9f86-4309-954b-ef69a6d8982d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b8286cfa-9f86-4309-954b-ef69a6d8982d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DataFactory factories TriggerSucceededRuns Alert", + "description": "Policy to Audit/Deploy DataFactory factories TriggerSucceededRuns Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DataFactory", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DataFactory/factories" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerSucceededRuns" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DataFactory/factories/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggerSucceededRuns-threshold-Override_'), field('tags._amba-TriggerSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerSucceededRuns')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DataFactory factories TriggerSucceededRuns", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerSucceededRuns", + "metricNamespace": "Microsoft.DataFactory/factories", + "metricName": "TriggerSucceededRuns", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggerSucceededRuns-threshold-Override_'), field('tags._amba-TriggerSucceededRuns-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json b/services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json new file mode 100644 index 000000000..6e7842538 --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dailyMessageQuotaUsed_d78fc655-68ca-4877-ac60-7fc805f1ae94.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d78fc655-68ca-4877-ac60-7fc805f1ae94", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs dailyMessageQuotaUsed Alert", + "description": "Policy to Audit/Deploy Devices IotHubs dailyMessageQuotaUsed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "360000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dailyMessageQuotaUsed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dailyMessageQuotaUsed-threshold-Override_'), field('tags._amba-dailyMessageQuotaUsed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dailyMessageQuotaUsed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs dailyMessageQuotaUsed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dailyMessageQuotaUsed", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "dailyMessageQuotaUsed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dailyMessageQuotaUsed-threshold-Override_'), field('tags._amba-dailyMessageQuotaUsed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json b/services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json new file mode 100644 index 000000000..de4d27a90 --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dctelemetryegressdropped_d5a028d1-ae0e-4349-8a79-630f891c8235.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d5a028d1-ae0e-4349-8a79-630f891c8235", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs d2c.telemetry.egress.dropped Alert", + "description": "Policy to Audit/Deploy Devices IotHubs d2c.telemetry.egress.dropped Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "d2c.telemetry.egress.dropped" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-d2c.telemetry.egress.dropped-threshold-Override_'), field('tags._amba-d2c.telemetry.egress.dropped-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-d2c.telemetry.egress.dropped')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs d2c.telemetry.egress.dropped", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "d2c.telemetry.egress.dropped", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "d2c.telemetry.egress.dropped", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-d2c.telemetry.egress.dropped-threshold-Override_'), field('tags._amba-d2c.telemetry.egress.dropped-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json b/services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json new file mode 100644 index 000000000..cd46fc0ef --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dctelemetryingresssendThrottle_65deae31-85e8-477a-b17e-50d2d10cd7b0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "65deae31-85e8-477a-b17e-50d2d10cd7b0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs d2c.telemetry.ingress.sendThrottle Alert", + "description": "Policy to Audit/Deploy Devices IotHubs d2c.telemetry.ingress.sendThrottle Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "d2c.telemetry.ingress.sendThrottle" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-d2c.telemetry.ingress.sendThrottle')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs d2c.telemetry.ingress.sendThrottle", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "d2c.telemetry.ingress.sendThrottle", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "d2c.telemetry.ingress.sendThrottle", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.sendThrottle-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json b/services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json new file mode 100644 index 000000000..ac547ef9f --- /dev/null +++ b/services/Devices/IotHubs/templates/policy/dctelemetryingresssuccess_85de8003-c1d8-4cd1-80b5-e125399ef293.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "85de8003-c1d8-4cd1-80b5-e125399ef293", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Devices IotHubs d2c.telemetry.ingress.success Alert", + "description": "Policy to Audit/Deploy Devices IotHubs d2c.telemetry.ingress.success Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Devices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "24000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Devices/IotHubs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "d2c.telemetry.ingress.success" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Devices/IotHubs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.success-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.success-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-d2c.telemetry.ingress.success')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Devices IotHubs d2c.telemetry.ingress.success", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "d2c.telemetry.ingress.success", + "metricNamespace": "Microsoft.Devices/IotHubs", + "metricName": "d2c.telemetry.ingress.success", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-d2c.telemetry.ingress.success-threshold-Override_'), field('tags._amba-d2c.telemetry.ingress.success-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json b/services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json new file mode 100644 index 000000000..c1ecaeb86 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/DataUsage_0914c189-0adc-45d6-8704-d2ae73b9b7b6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0914c189-0adc-45d6-8704-d2ae73b9b7b6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts DataUsage Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts DataUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2147483648" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DataUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DataUsage-threshold-Override_'), field('tags._amba-DataUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DataUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts DataUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DataUsage", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "DataUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DataUsage-threshold-Override_'), field('tags._amba-DataUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json b/services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json new file mode 100644 index 000000000..078ad3d83 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/MongoRequests_3f30e3aa-7e17-4eaf-a437-a420f5a23bf2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3f30e3aa-7e17-4eaf-a437-a420f5a23bf2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts MongoRequests Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts MongoRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MongoRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MongoRequests-threshold-Override_'), field('tags._amba-MongoRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MongoRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts MongoRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MongoRequests", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "MongoRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MongoRequests-threshold-Override_'), field('tags._amba-MongoRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json b/services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json new file mode 100644 index 000000000..7b36699a4 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/NormalizedRUConsumption_9bae539a-12ed-46e2-b105-101ce036c9a4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9bae539a-12ed-46e2-b105-101ce036c9a4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts NormalizedRUConsumption Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts NormalizedRUConsumption Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NormalizedRUConsumption" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NormalizedRUConsumption-threshold-Override_'), field('tags._amba-NormalizedRUConsumption-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NormalizedRUConsumption')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts NormalizedRUConsumption", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NormalizedRUConsumption", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "NormalizedRUConsumption", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NormalizedRUConsumption-threshold-Override_'), field('tags._amba-NormalizedRUConsumption-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json b/services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json new file mode 100644 index 000000000..39c6429bf --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/OfflineRegion_0cb53be3-76b5-44be-9f32-bcc821be34b6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0cb53be3-76b5-44be-9f32-bcc821be34b6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts OfflineRegion Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts OfflineRegion Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OfflineRegion" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OfflineRegion-threshold-Override_'), field('tags._amba-OfflineRegion-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OfflineRegion')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts OfflineRegion", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OfflineRegion", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "OfflineRegion", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OfflineRegion-threshold-Override_'), field('tags._amba-OfflineRegion-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json b/services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json new file mode 100644 index 000000000..3e881d76f --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ProvisionedThroughput_f77ce9c2-bb95-47e7-8e5d-75d5c098f489.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f77ce9c2-bb95-47e7-8e5d-75d5c098f489", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ProvisionedThroughput Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ProvisionedThroughput Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProvisionedThroughput" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProvisionedThroughput-threshold-Override_'), field('tags._amba-ProvisionedThroughput-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProvisionedThroughput')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ProvisionedThroughput", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProvisionedThroughput", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ProvisionedThroughput", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProvisionedThroughput-threshold-Override_'), field('tags._amba-ProvisionedThroughput-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json b/services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json new file mode 100644 index 000000000..f22b26514 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/RegionFailover_9c41c539-b81b-4917-b04a-e67225f78e75.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9c41c539-b81b-4917-b04a-e67225f78e75", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts RegionFailover Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts RegionFailover Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RegionFailover" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RegionFailover-threshold-Override_'), field('tags._amba-RegionFailover-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RegionFailover')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts RegionFailover", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RegionFailover", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "RegionFailover", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RegionFailover-threshold-Override_'), field('tags._amba-RegionFailover-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json b/services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json new file mode 100644 index 000000000..5e48c47e9 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/RemoveRegion_228e104f-002a-441d-91ec-6140f233c1a4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "228e104f-002a-441d-91ec-6140f233c1a4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts RemoveRegion Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts RemoveRegion Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RemoveRegion" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RemoveRegion-threshold-Override_'), field('tags._amba-RemoveRegion-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RemoveRegion')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts RemoveRegion", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RemoveRegion", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "RemoveRegion", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RemoveRegion-threshold-Override_'), field('tags._amba-RemoveRegion-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json b/services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json new file mode 100644 index 000000000..4fe8cd02b --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ReplicationLatency_cf0655a4-042d-4979-bbc7-5559eaa8f2b9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cf0655a4-042d-4979-bbc7-5559eaa8f2b9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ReplicationLatency Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ReplicationLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ReplicationLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ReplicationLatency-threshold-Override_'), field('tags._amba-ReplicationLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ReplicationLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ReplicationLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ReplicationLatency", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ReplicationLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ReplicationLatency-threshold-Override_'), field('tags._amba-ReplicationLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json b/services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json new file mode 100644 index 000000000..196ab0800 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ServerSideLatency_28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "28f2e10d-2297-47f9-ac6a-c7a8cc0c8ead", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ServerSideLatency Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ServerSideLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerSideLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerSideLatency-threshold-Override_'), field('tags._amba-ServerSideLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerSideLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ServerSideLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerSideLatency", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ServerSideLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerSideLatency-threshold-Override_'), field('tags._amba-ServerSideLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json b/services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json new file mode 100644 index 000000000..66db4c8b2 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/ServiceAvailability_ee10b769-b38b-44d1-9fd3-926b8dca4c41.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ee10b769-b38b-44d1-9fd3-926b8dca4c41", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts ServiceAvailability Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts ServiceAvailability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServiceAvailability-threshold-Override_'), field('tags._amba-ServiceAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts ServiceAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceAvailability", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "ServiceAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServiceAvailability-threshold-Override_'), field('tags._amba-ServiceAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json b/services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json new file mode 100644 index 000000000..317b928d2 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/SqlContainerDelete_faf5510e-28b7-42c9-8ad1-de68a5737eaf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "faf5510e-28b7-42c9-8ad1-de68a5737eaf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts SqlContainerDelete Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts SqlContainerDelete Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SqlContainerDelete" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SqlContainerDelete-threshold-Override_'), field('tags._amba-SqlContainerDelete-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SqlContainerDelete')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts SqlContainerDelete", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SqlContainerDelete", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "SqlContainerDelete", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SqlContainerDelete-threshold-Override_'), field('tags._amba-SqlContainerDelete-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json b/services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json new file mode 100644 index 000000000..5b5d89237 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/SqlDatabaseDelete_a7958120-a386-46d0-9790-e80bfa72fb22.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a7958120-a386-46d0-9790-e80bfa72fb22", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts SqlDatabaseDelete Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts SqlDatabaseDelete Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SqlDatabaseDelete" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SqlDatabaseDelete-threshold-Override_'), field('tags._amba-SqlDatabaseDelete-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SqlDatabaseDelete')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts SqlDatabaseDelete", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SqlDatabaseDelete", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "SqlDatabaseDelete", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SqlDatabaseDelete-threshold-Override_'), field('tags._amba-SqlDatabaseDelete-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json new file mode 100644 index 000000000..7992773a6 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequestUnits_14fc7c6b-484f-427f-a1d2-94cded799f88.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14fc7c6b-484f-427f-a1d2-94cded799f88", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts TotalRequestUnits Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts TotalRequestUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequestUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequestUnits-threshold-Override_'), field('tags._amba-TotalRequestUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequestUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts TotalRequestUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequestUnits", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "TotalRequestUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequestUnits-threshold-Override_'), field('tags._amba-TotalRequestUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json new file mode 100644 index 000000000..2f4729df8 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/TotalRequests_2a1deb2d-1fc0-499b-a828-04aeece855fe.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2a1deb2d-1fc0-499b-a828-04aeece855fe", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts TotalRequests Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json b/services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json new file mode 100644 index 000000000..73578c197 --- /dev/null +++ b/services/DocumentDB/databaseAccounts/templates/policy/UpdateAccountKeys_d4d7685a-ce55-4709-a847-747d02165cb7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d4d7685a-ce55-4709-a847-747d02165cb7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy DocumentDB databaseAccounts UpdateAccountKeys Alert", + "description": "Policy to Audit/Deploy DocumentDB databaseAccounts UpdateAccountKeys Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "DocumentDB", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.DocumentDB/databaseAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UpdateAccountKeys" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.DocumentDB/databaseAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UpdateAccountKeys-threshold-Override_'), field('tags._amba-UpdateAccountKeys-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UpdateAccountKeys')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for DocumentDB databaseAccounts UpdateAccountKeys", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UpdateAccountKeys", + "metricNamespace": "Microsoft.DocumentDB/databaseAccounts", + "metricName": "UpdateAccountKeys", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UpdateAccountKeys-threshold-Override_'), field('tags._amba-UpdateAccountKeys-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json b/services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json new file mode 100644 index 000000000..f11d259e7 --- /dev/null +++ b/services/EventGrid/domains/templates/policy/DeliveryAttemptFailCount_51ff86c0-2add-42e0-aab8-f6f0edcf2b51.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "51ff86c0-2add-42e0-aab8-f6f0edcf2b51", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid domains DeliveryAttemptFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid domains DeliveryAttemptFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/domains" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/domains" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeliveryAttemptFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/domains/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeliveryAttemptFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid domains DeliveryAttemptFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeliveryAttemptFailCount", + "metricNamespace": "Microsoft.EventGrid/domains", + "metricName": "DeliveryAttemptFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json b/services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json new file mode 100644 index 000000000..b04dd58f0 --- /dev/null +++ b/services/EventGrid/systemTopics/templates/policy/DeadLetteredCount_c02f2d18-2b7e-4d85-81fa-2c1437d0b092.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c02f2d18-2b7e-4d85-81fa-2c1437d0b092", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid systemTopics DeadLetteredCount Alert", + "description": "Policy to Audit/Deploy EventGrid systemTopics DeadLetteredCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeadLetteredCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/systemTopics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeadLetteredCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid systemTopics DeadLetteredCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeadLetteredCount", + "metricNamespace": "Microsoft.EventGrid/systemTopics", + "metricName": "DeadLetteredCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json b/services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json new file mode 100644 index 000000000..c7cd1c28a --- /dev/null +++ b/services/EventGrid/systemTopics/templates/policy/DeliveryAttemptFailCount_6584a39d-0795-4132-8c33-376d3926d21b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6584a39d-0795-4132-8c33-376d3926d21b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid systemTopics DeliveryAttemptFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid systemTopics DeliveryAttemptFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeliveryAttemptFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/systemTopics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeliveryAttemptFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid systemTopics DeliveryAttemptFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeliveryAttemptFailCount", + "metricNamespace": "Microsoft.EventGrid/systemTopics", + "metricName": "DeliveryAttemptFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json b/services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json new file mode 100644 index 000000000..91225b634 --- /dev/null +++ b/services/EventGrid/systemTopics/templates/policy/PublishFailCount_fb8bc2ae-26bc-45a1-b616-1f45ffb864ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fb8bc2ae-26bc-45a1-b616-1f45ffb864ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid systemTopics PublishFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid systemTopics PublishFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/systemTopics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PublishFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/systemTopics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PublishFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid systemTopics PublishFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PublishFailCount", + "metricNamespace": "Microsoft.EventGrid/systemTopics", + "metricName": "PublishFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json b/services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json new file mode 100644 index 000000000..832653126 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/DeadLetteredCount_343258f9-4bb2-41fb-abfa-d04ea62a6aad.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "343258f9-4bb2-41fb-abfa-d04ea62a6aad", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics DeadLetteredCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics DeadLetteredCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeadLetteredCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeadLetteredCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics DeadLetteredCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeadLetteredCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "DeadLetteredCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeadLetteredCount-threshold-Override_'), field('tags._amba-DeadLetteredCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json b/services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json new file mode 100644 index 000000000..04639bbd1 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/DeliveryAttemptFailCount_95865d3b-41d0-4ad6-b08b-a2dcfe0940a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "95865d3b-41d0-4ad6-b08b-a2dcfe0940a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics DeliveryAttemptFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics DeliveryAttemptFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeliveryAttemptFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeliveryAttemptFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics DeliveryAttemptFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeliveryAttemptFailCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "DeliveryAttemptFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeliveryAttemptFailCount-threshold-Override_'), field('tags._amba-DeliveryAttemptFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json b/services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json new file mode 100644 index 000000000..d8f9eeba8 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/DroppedEventCount_e9561f89-282e-4145-b5cc-8485a7fc987c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e9561f89-282e-4145-b5cc-8485a7fc987c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics DroppedEventCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics DroppedEventCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DroppedEventCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DroppedEventCount-threshold-Override_'), field('tags._amba-DroppedEventCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DroppedEventCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics DroppedEventCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DroppedEventCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "DroppedEventCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DroppedEventCount-threshold-Override_'), field('tags._amba-DroppedEventCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json b/services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json new file mode 100644 index 000000000..f132be468 --- /dev/null +++ b/services/EventGrid/topics/templates/policy/PublishFailCount_230c0173-8b36-4412-9617-3e096886a403.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "230c0173-8b36-4412-9617-3e096886a403", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventGrid topics PublishFailCount Alert", + "description": "Policy to Audit/Deploy EventGrid topics PublishFailCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventGrid", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventGrid/topics" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PublishFailCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventGrid/topics/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PublishFailCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventGrid topics PublishFailCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PublishFailCount", + "metricNamespace": "Microsoft.EventGrid/topics", + "metricName": "PublishFailCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PublishFailCount-threshold-Override_'), field('tags._amba-PublishFailCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json b/services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json new file mode 100644 index 000000000..546a6dc69 --- /dev/null +++ b/services/EventHub/clusters/templates/policy/CPU_8875590a-9f72-49a2-807f-62437f8079b1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8875590a-9f72-49a2-807f-62437f8079b1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub clusters CPU Alert", + "description": "Policy to Audit/Deploy EventHub clusters CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub clusters CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU", + "metricNamespace": "Microsoft.EventHub/clusters", + "metricName": "CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json b/services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json new file mode 100644 index 000000000..cb891d02e --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/CaptureBacklog_2959b52d-6756-480d-9193-b2c0c4c5d305.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2959b52d-6756-480d-9193-b2c0c4c5d305", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces CaptureBacklog Alert", + "description": "Policy to Audit/Deploy EventHub namespaces CaptureBacklog Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CaptureBacklog" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CaptureBacklog-threshold-Override_'), field('tags._amba-CaptureBacklog-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CaptureBacklog')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces CaptureBacklog", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CaptureBacklog", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "CaptureBacklog", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CaptureBacklog-threshold-Override_'), field('tags._amba-CaptureBacklog-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json b/services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json new file mode 100644 index 000000000..f90e50175 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/IncomingBytes_2ca39ff3-6f87-438c-81f6-7ce51f70902f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2ca39ff3-6f87-438c-81f6-7ce51f70902f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces IncomingBytes Alert", + "description": "Policy to Audit/Deploy EventHub namespaces IncomingBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IncomingBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IncomingBytes-threshold-Override_'), field('tags._amba-IncomingBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IncomingBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces IncomingBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IncomingBytes", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "IncomingBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IncomingBytes-threshold-Override_'), field('tags._amba-IncomingBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json b/services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json new file mode 100644 index 000000000..41349859b --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/IncomingMessages_4f1964ce-6938-499a-af3d-bb746aaff72a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4f1964ce-6938-499a-af3d-bb746aaff72a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces IncomingMessages Alert", + "description": "Policy to Audit/Deploy EventHub namespaces IncomingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IncomingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IncomingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces IncomingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IncomingMessages", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "IncomingMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json b/services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json new file mode 100644 index 000000000..e5ee86a50 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/NamespaceCpuUsage_a9c1e74c-bd3a-438c-bd13-7a2fec2d172c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9c1e74c-bd3a-438c-bd13-7a2fec2d172c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces NamespaceCpuUsage Alert", + "description": "Policy to Audit/Deploy EventHub namespaces NamespaceCpuUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceCpuUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceCpuUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces NamespaceCpuUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceCpuUsage", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "NamespaceCpuUsage", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json b/services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json new file mode 100644 index 000000000..a35cb2dea --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/NamespaceMemoryUsage_26972609-fbb4-4fb9-b7f8-7b99a06bb4e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "26972609-fbb4-4fb9-b7f8-7b99a06bb4e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces NamespaceMemoryUsage Alert", + "description": "Policy to Audit/Deploy EventHub namespaces NamespaceMemoryUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceMemoryUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceMemoryUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces NamespaceMemoryUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceMemoryUsage", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "NamespaceMemoryUsage", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json b/services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json new file mode 100644 index 000000000..5e3ce569e --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/OutgoingBytes_46a66177-c487-4ed1-b2fc-19c0bf52b168.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "46a66177-c487-4ed1-b2fc-19c0bf52b168", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces OutgoingBytes Alert", + "description": "Policy to Audit/Deploy EventHub namespaces OutgoingBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutgoingBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutgoingBytes-threshold-Override_'), field('tags._amba-OutgoingBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutgoingBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces OutgoingBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutgoingBytes", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "OutgoingBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutgoingBytes-threshold-Override_'), field('tags._amba-OutgoingBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json b/services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json new file mode 100644 index 000000000..e83bb3e81 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/OutgoingMessages_c67b86dc-74d5-4ea1-882e-de257d054ff3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c67b86dc-74d5-4ea1-882e-de257d054ff3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces OutgoingMessages Alert", + "description": "Policy to Audit/Deploy EventHub namespaces OutgoingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutgoingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutgoingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces OutgoingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutgoingMessages", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "OutgoingMessages", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json b/services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json new file mode 100644 index 000000000..84b0b6162 --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/QuotaExceededErrors_237493ef-15c0-4e87-80bc-f8c59dd897ce.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "237493ef-15c0-4e87-80bc-f8c59dd897ce", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces QuotaExceededErrors Alert", + "description": "Policy to Audit/Deploy EventHub namespaces QuotaExceededErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QuotaExceededErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QuotaExceededErrors-threshold-Override_'), field('tags._amba-QuotaExceededErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QuotaExceededErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces QuotaExceededErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QuotaExceededErrors", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "QuotaExceededErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QuotaExceededErrors-threshold-Override_'), field('tags._amba-QuotaExceededErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json b/services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json new file mode 100644 index 000000000..ac76b09fb --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/ServerErrors_48581aa9-53ee-4467-b04c-402061fe40e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "48581aa9-53ee-4467-b04c-402061fe40e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces ServerErrors Alert", + "description": "Policy to Audit/Deploy EventHub namespaces ServerErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces ServerErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerErrors", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "ServerErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json b/services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json new file mode 100644 index 000000000..fe3faf6ed --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/ThrottledRequests_1684f387-04e6-440c-a931-f57efdc84cd2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1684f387-04e6-440c-a931-f57efdc84cd2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces ThrottledRequests Alert", + "description": "Policy to Audit/Deploy EventHub namespaces ThrottledRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces ThrottledRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledRequests", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "ThrottledRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json b/services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json new file mode 100644 index 000000000..a6a945f3e --- /dev/null +++ b/services/EventHub/namespaces/templates/policy/UserErrors_b1700765-b168-4ad4-a73e-f3a93a6bf5cf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b1700765-b168-4ad4-a73e-f3a93a6bf5cf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy EventHub namespaces UserErrors Alert", + "description": "Policy to Audit/Deploy EventHub namespaces UserErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "EventHub", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.EventHub/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UserErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.EventHub/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UserErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for EventHub namespaces UserErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UserErrors", + "metricNamespace": "Microsoft.EventHub/namespaces", + "metricName": "UserErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json b/services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json new file mode 100644 index 000000000..6a990980e --- /dev/null +++ b/services/HealthcareApis/services/templates/policy/TotalLatency_30ba09b3-4e96-403d-a295-8f37788914aa.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "30ba09b3-4e96-403d-a295-8f37788914aa", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy HealthcareApis services TotalLatency Alert", + "description": "Policy to Audit/Deploy HealthcareApis services TotalLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "HealthcareApis", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.HealthcareApis/services/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for HealthcareApis services TotalLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalLatency", + "metricNamespace": "Microsoft.HealthcareApis/services", + "metricName": "TotalLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json b/services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json new file mode 100644 index 000000000..c38dca6a1 --- /dev/null +++ b/services/HealthcareApis/services/templates/policy/TotalRequests_75dbbcf0-d6ae-401f-8765-ba643385da9b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "75dbbcf0-d6ae-401f-8765-ba643385da9b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy HealthcareApis services TotalRequests Alert", + "description": "Policy to Audit/Deploy HealthcareApis services TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "HealthcareApis", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.HealthcareApis/services" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.HealthcareApis/services/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for HealthcareApis services TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.HealthcareApis/services", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json b/services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json new file mode 100644 index 000000000..84b2aeb28 --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ActivityLogKeyVaultDelete_f68ed392-7179-419d-8ee6-3813ea10866b.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_KeyVault_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log Key Vault Delete Alert", + "description": "Policy to Deploy Activity Log Key Vault Delete Alert", + "metadata": { + "version": "1.0.1", + "category": "Key Vault", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "microsoft.keyvault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityKeyVaultDelete", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.KeyVault/vaults/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityKeyVaultDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityKeyVaultDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log Key Vault Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.KeyVault/vaults/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json b/services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json new file mode 100644 index 000000000..3b643438f --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/Availability_a3c8bcb4-22ca-45be-92f7-605f232ecec2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a3c8bcb4-22ca-45be-92f7-605f232ecec2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Availability Alert", + "description": "Policy to Audit/Deploy KeyVault Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Availability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Availability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults Availability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Availability", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "Availability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json b/services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json new file mode 100644 index 000000000..9b7ba6edc --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/SaturationShoebox_dc852755-e5df-4fd0-83ac-cbbc516f60b3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dc852755-e5df-4fd0-83ac-cbbc516f60b3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Capacity Alert", + "description": "Policy to Audit/Deploy KeyVault Capacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SaturationShoebox" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SaturationShoebox-threshold-Override_'), field('tags._amba-SaturationShoebox-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SaturationShoebox')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults SaturationShoebox", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SaturationShoebox", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "SaturationShoebox", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SaturationShoebox-threshold-Override_'), field('tags._amba-SaturationShoebox-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json b/services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json new file mode 100644 index 000000000..b34d7f57d --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ServiceApiHit_7b52bf07-3d86-4429-b5d4-829a6a5542df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7b52bf07-3d86-4429-b5d4-829a6a5542df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault vaults ServiceApiHit Alert", + "description": "Policy to Audit/Deploy KeyVault vaults ServiceApiHit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceApiHit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServiceApiHit-threshold-Override_'), field('tags._amba-ServiceApiHit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceApiHit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults ServiceApiHit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceApiHit", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "ServiceApiHit", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServiceApiHit-threshold-Override_'), field('tags._amba-ServiceApiHit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json b/services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json new file mode 100644 index 000000000..35edd20eb --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ServiceApiLatency_2651f57f-ac74-44f3-8511-c245488134f8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2651f57f-ac74-44f3-8511-c245488134f8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Latency Alert", + "description": "Policy to Audit/Deploy KeyVault Latency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceApiLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceApiLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults ServiceApiLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceApiLatency", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "ServiceApiLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json b/services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json new file mode 100644 index 000000000..d22ac7ecd --- /dev/null +++ b/services/KeyVault/vaults/templates/policy/ServiceApiResult_14356b19-1264-498d-b1cd-e3fa9f0c9fc9.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14356b19-1264-498d-b1cd-e3fa9f0c9fc9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy KeyVault Requests Alert", + "description": "Policy to Audit/Deploy KeyVault Requests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "KeyVault", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.KeyVault/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServiceApiResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.KeyVault/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServiceApiResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for KeyVault vaults ServiceApiResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServiceApiResult", + "metricNamespace": "Microsoft.KeyVault/vaults", + "metricName": "ServiceApiResult", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json b/services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json new file mode 100644 index 000000000..f573168a2 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/BlobsDropped_422c292e-54e3-4e7d-93e2-bcd1bf65dae6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "422c292e-54e3-4e7d-93e2-bcd1bf65dae6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters BlobsDropped Alert", + "description": "Policy to Audit/Deploy Kusto clusters BlobsDropped Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlobsDropped" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlobsDropped-threshold-Override_'), field('tags._amba-BlobsDropped-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlobsDropped')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters BlobsDropped", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlobsDropped", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "BlobsDropped", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlobsDropped-threshold-Override_'), field('tags._amba-BlobsDropped-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json b/services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json new file mode 100644 index 000000000..caa916115 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/CPU_cae6ec0a-a26d-494b-94b2-3d93dcedff42.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cae6ec0a-a26d-494b-94b2-3d93dcedff42", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters CPU Alert", + "description": "Policy to Audit/Deploy Kusto clusters CPU Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPU" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPU')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters CPU", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPU", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "CPU", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPU-threshold-Override_'), field('tags._amba-CPU-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json b/services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json new file mode 100644 index 000000000..ed9c20cc5 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/IngestionLatencyInSeconds_8493c362-2524-4079-9025-8f5ffee62936.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8493c362-2524-4079-9025-8f5ffee62936", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters IngestionLatencyInSeconds Alert", + "description": "Policy to Audit/Deploy Kusto clusters IngestionLatencyInSeconds Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1800" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IngestionLatencyInSeconds" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Minimum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IngestionLatencyInSeconds-threshold-Override_'), field('tags._amba-IngestionLatencyInSeconds-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IngestionLatencyInSeconds')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters IngestionLatencyInSeconds", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IngestionLatencyInSeconds", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "IngestionLatencyInSeconds", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Minimum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IngestionLatencyInSeconds-threshold-Override_'), field('tags._amba-IngestionLatencyInSeconds-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json b/services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json new file mode 100644 index 000000000..2f1560fb3 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/IngestionResult_6c4213c5-743f-48b8-b957-dd26fbf8809e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6c4213c5-743f-48b8-b957-dd26fbf8809e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters IngestionResult Alert", + "description": "Policy to Audit/Deploy Kusto clusters IngestionResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "300" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IngestionResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IngestionResult-threshold-Override_'), field('tags._amba-IngestionResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IngestionResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters IngestionResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IngestionResult", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "IngestionResult", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IngestionResult-threshold-Override_'), field('tags._amba-IngestionResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json b/services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json new file mode 100644 index 000000000..7bb4d4a61 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/KeepAlive_188fc0b5-a686-48a7-950f-76f183ba49d6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "188fc0b5-a686-48a7-950f-76f183ba49d6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters KeepAlive Alert", + "description": "Policy to Audit/Deploy Kusto clusters KeepAlive Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "KeepAlive" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-KeepAlive-threshold-Override_'), field('tags._amba-KeepAlive-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-KeepAlive')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters KeepAlive", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "KeepAlive", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "KeepAlive", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-KeepAlive-threshold-Override_'), field('tags._amba-KeepAlive-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json b/services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json new file mode 100644 index 000000000..35d501b95 --- /dev/null +++ b/services/Kusto/clusters/templates/policy/QueryResult_b131dc45-d6ac-4521-8206-a365ac2dbe52.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b131dc45-d6ac-4521-8206-a365ac2dbe52", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Kusto clusters QueryResult Alert", + "description": "Policy to Audit/Deploy Kusto clusters QueryResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Kusto", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Kusto/clusters" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueryResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Kusto/clusters/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueryResult-threshold-Override_'), field('tags._amba-QueryResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueryResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Kusto clusters QueryResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueryResult", + "metricNamespace": "Microsoft.Kusto/clusters", + "metricName": "QueryResult", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueryResult-threshold-Override_'), field('tags._amba-QueryResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json b/services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json new file mode 100644 index 000000000..d6c9b564b --- /dev/null +++ b/services/Logic/workflows/templates/policy/ActionLatency_d8bf77d2-8572-4392-8097-5e84f136513d.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d8bf77d2-8572-4392-8097-5e84f136513d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows ActionLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows ActionLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActionLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActionLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows ActionLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActionLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "ActionLatency", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json b/services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json new file mode 100644 index 000000000..6d1366bf1 --- /dev/null +++ b/services/Logic/workflows/templates/policy/ActionThrottledEvents_5aa5790b-2bff-40b0-9099-38485b9a9e0a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5aa5790b-2bff-40b0-9099-38485b9a9e0a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows ActionThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows ActionThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActionThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActionThrottledEvents-threshold-Override_'), field('tags._amba-ActionThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActionThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows ActionThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActionThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "ActionThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActionThrottledEvents-threshold-Override_'), field('tags._amba-ActionThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json b/services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json new file mode 100644 index 000000000..8daef09df --- /dev/null +++ b/services/Logic/workflows/templates/policy/ActionsFailed_514f695a-4f11-4a28-9516-f7f3b5b1c53b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "514f695a-4f11-4a28-9516-f7f3b5b1c53b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows ActionsFailed Alert", + "description": "Policy to Audit/Deploy Logic workflows ActionsFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActionsFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActionsFailed-threshold-Override_'), field('tags._amba-ActionsFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActionsFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows ActionsFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActionsFailed", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "ActionsFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActionsFailed-threshold-Override_'), field('tags._amba-ActionsFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json b/services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json new file mode 100644 index 000000000..4b4341d36 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunFailurePercentage_c4864d80-dd28-4344-a135-03b600920c06.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c4864d80-dd28-4344-a135-03b600920c06", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunFailurePercentage Alert", + "description": "Policy to Audit/Deploy Logic workflows RunFailurePercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunFailurePercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunFailurePercentage-threshold-Override_'), field('tags._amba-RunFailurePercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunFailurePercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunFailurePercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunFailurePercentage", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunFailurePercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunFailurePercentage-threshold-Override_'), field('tags._amba-RunFailurePercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json b/services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json new file mode 100644 index 000000000..0da344ff9 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunLatency_eb44cbdc-a259-4354-9b54-2bc72f811440.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb44cbdc-a259-4354-9b54-2bc72f811440", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows RunLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99999" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunLatency-threshold-Override_'), field('tags._amba-RunLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunLatency-threshold-Override_'), field('tags._amba-RunLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json b/services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json new file mode 100644 index 000000000..92101f4e8 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunStartThrottledEvents_6524b22c-661e-48cd-87e7-7ee9ddea7b8b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6524b22c-661e-48cd-87e7-7ee9ddea7b8b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunStartThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows RunStartThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunStartThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunStartThrottledEvents-threshold-Override_'), field('tags._amba-RunStartThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunStartThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunStartThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunStartThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunStartThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunStartThrottledEvents-threshold-Override_'), field('tags._amba-RunStartThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json b/services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json new file mode 100644 index 000000000..4a4cb355f --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunSuccessLatency_346ba728-f7a1-4ca4-8486-786d6ebb9f9a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "346ba728-f7a1-4ca4-8486-786d6ebb9f9a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunSuccessLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows RunSuccessLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunSuccessLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunSuccessLatency-threshold-Override_'), field('tags._amba-RunSuccessLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunSuccessLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunSuccessLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunSuccessLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunSuccessLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunSuccessLatency-threshold-Override_'), field('tags._amba-RunSuccessLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json b/services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json new file mode 100644 index 000000000..99a596a76 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunThrottledEvents_9d324d21-ab2b-48b7-a637-4b1d9891d6b5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9d324d21-ab2b-48b7-a637-4b1d9891d6b5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows RunThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunThrottledEvents-threshold-Override_'), field('tags._amba-RunThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunThrottledEvents-threshold-Override_'), field('tags._amba-RunThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json b/services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json new file mode 100644 index 000000000..a3bc869a0 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsCancelled_a4b5f1f3-aa12-4ed5-8a9d-a135204d22de.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a4b5f1f3-aa12-4ed5-8a9d-a135204d22de", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsCancelled Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsCancelled Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsCancelled" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsCancelled-threshold-Override_'), field('tags._amba-RunsCancelled-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsCancelled')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsCancelled", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsCancelled", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsCancelled", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsCancelled-threshold-Override_'), field('tags._amba-RunsCancelled-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json b/services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json new file mode 100644 index 000000000..9deef7ec1 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsCompleted_5d020d4d-9359-4ecd-934a-409d0e4a5abd.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5d020d4d-9359-4ecd-934a-409d0e4a5abd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsCompleted Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsCompleted Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsCompleted" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsCompleted')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsCompleted", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsCompleted", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsCompleted", + "operator": "LessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Count", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json b/services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json new file mode 100644 index 000000000..98da0ca4f --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsFailed_350cc22f-d202-4c7c-9239-cbdb3b71e14b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "350cc22f-d202-4c7c-9239-cbdb3b71e14b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsFailed Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsFailed-threshold-Override_'), field('tags._amba-RunsFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsFailed", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsFailed-threshold-Override_'), field('tags._amba-RunsFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json b/services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json new file mode 100644 index 000000000..7a15de786 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsStarted_8f7a8cb8-feef-4eaa-9e74-18693ce9969e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8f7a8cb8-feef-4eaa-9e74-18693ce9969e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsStarted Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsStarted Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsStarted" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsStarted-threshold-Override_'), field('tags._amba-RunsStarted-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsStarted')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsStarted", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsStarted", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsStarted", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsStarted-threshold-Override_'), field('tags._amba-RunsStarted-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json b/services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json new file mode 100644 index 000000000..aacbcdc07 --- /dev/null +++ b/services/Logic/workflows/templates/policy/RunsSucceeded_16c2d231-f28b-4146-9aa3-57d419eb8780.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "16c2d231-f28b-4146-9aa3-57d419eb8780", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows RunsSucceeded Alert", + "description": "Policy to Audit/Deploy Logic workflows RunsSucceeded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RunsSucceeded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RunsSucceeded-threshold-Override_'), field('tags._amba-RunsSucceeded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RunsSucceeded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows RunsSucceeded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RunsSucceeded", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "RunsSucceeded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RunsSucceeded-threshold-Override_'), field('tags._amba-RunsSucceeded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json b/services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json new file mode 100644 index 000000000..5b8cbd78b --- /dev/null +++ b/services/Logic/workflows/templates/policy/TotalBillableExecutions_85bb464e-d9ce-496a-a66d-4c6d28d808df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "85bb464e-d9ce-496a-a66d-4c6d28d808df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TotalBillableExecutions Alert", + "description": "Policy to Audit/Deploy Logic workflows TotalBillableExecutions Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalBillableExecutions" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalBillableExecutions-threshold-Override_'), field('tags._amba-TotalBillableExecutions-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalBillableExecutions')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TotalBillableExecutions", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalBillableExecutions", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TotalBillableExecutions", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalBillableExecutions-threshold-Override_'), field('tags._amba-TotalBillableExecutions-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json b/services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json new file mode 100644 index 000000000..f38fb2a35 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggerLatency_114f7c8e-e285-487d-9e50-7fe160769167.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "114f7c8e-e285-487d-9e50-7fe160769167", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggerLatency Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggerLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggerLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerLatency", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggerLatency", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json b/services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json new file mode 100644 index 000000000..43c6bb466 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggerThrottledEvents_42ae6a24-d545-4bbd-a7f9-8a3b6f977366.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "42ae6a24-d545-4bbd-a7f9-8a3b6f977366", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggerThrottledEvents Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggerThrottledEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggerThrottledEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggerThrottledEvents-threshold-Override_'), field('tags._amba-TriggerThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggerThrottledEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggerThrottledEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggerThrottledEvents", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggerThrottledEvents", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggerThrottledEvents-threshold-Override_'), field('tags._amba-TriggerThrottledEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json b/services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json new file mode 100644 index 000000000..c902e0649 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggersFailed_0378fd1f-976e-4a32-aa2b-25003e7d6ee5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0378fd1f-976e-4a32-aa2b-25003e7d6ee5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggersFailed Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggersFailed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggersFailed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggersFailed-threshold-Override_'), field('tags._amba-TriggersFailed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggersFailed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggersFailed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggersFailed", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggersFailed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggersFailed-threshold-Override_'), field('tags._amba-TriggersFailed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json b/services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json new file mode 100644 index 000000000..d34f58747 --- /dev/null +++ b/services/Logic/workflows/templates/policy/TriggersSkipped_cb35fd68-9568-42f9-b527-44e77726b100.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cb35fd68-9568-42f9-b527-44e77726b100", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Logic workflows TriggersSkipped Alert", + "description": "Policy to Audit/Deploy Logic workflows TriggersSkipped Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Logic", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Logic/workflows" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TriggersSkipped" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Logic/workflows/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TriggersSkipped-threshold-Override_'), field('tags._amba-TriggersSkipped-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TriggersSkipped')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Logic workflows TriggersSkipped", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TriggersSkipped", + "metricNamespace": "Microsoft.Logic/workflows", + "metricName": "TriggersSkipped", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TriggersSkipped-threshold-Override_'), field('tags._amba-TriggersSkipped-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json b/services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json new file mode 100644 index 000000000..a96588229 --- /dev/null +++ b/services/MachineLearningServices/workspaces/templates/policy/FailedRuns_c897902c-40a5-497b-a0ce-86c3eda7c61d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c897902c-40a5-497b-a0ce-86c3eda7c61d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy MachineLearningServices workspaces Failed Runs Alert", + "description": "Policy to Audit/Deploy MachineLearningServices workspaces Failed Runs Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "MachineLearningServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.MachineLearningServices/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.MachineLearningServices/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Failed Runs" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.MachineLearningServices/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Failed Runs-threshold-Override_'), field('tags._amba-Failed Runs-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Failed Runs')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for MachineLearningServices workspaces Failed Runs", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Failed Runs", + "metricNamespace": "Microsoft.MachineLearningServices/workspaces", + "metricName": "Failed Runs", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Failed Runs-threshold-Override_'), field('tags._amba-Failed Runs-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json b/services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json new file mode 100644 index 000000000..0bdb58181 --- /dev/null +++ b/services/Media/mediaservices/templates/policy/AssetQuotaUsedPercentage_c0f647d6-d7f4-46ab-8591-b2f2b481e8e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c0f647d6-d7f4-46ab-8591-b2f2b481e8e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Media mediaservices AssetQuotaUsedPercentage Alert", + "description": "Policy to Audit/Deploy Media mediaservices AssetQuotaUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Media", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AssetQuotaUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Media/mediaservices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AssetQuotaUsedPercentage-threshold-Override_'), field('tags._amba-AssetQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AssetQuotaUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Media mediaservices AssetQuotaUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AssetQuotaUsedPercentage", + "metricNamespace": "Microsoft.Media/mediaservices", + "metricName": "AssetQuotaUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AssetQuotaUsedPercentage-threshold-Override_'), field('tags._amba-AssetQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json b/services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json new file mode 100644 index 000000000..b7cd4d8ed --- /dev/null +++ b/services/Media/mediaservices/templates/policy/ContentKeyPolicyQuotaUsedPercentage_65d02c68-e50f-4a0e-9de9-0d52edea4af0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "65d02c68-e50f-4a0e-9de9-0d52edea4af0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Media mediaservices ContentKeyPolicyQuotaUsedPercentage Alert", + "description": "Policy to Audit/Deploy Media mediaservices ContentKeyPolicyQuotaUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Media", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ContentKeyPolicyQuotaUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Media/mediaservices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ContentKeyPolicyQuotaUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Media mediaservices ContentKeyPolicyQuotaUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ContentKeyPolicyQuotaUsedPercentage", + "metricNamespace": "Microsoft.Media/mediaservices", + "metricName": "ContentKeyPolicyQuotaUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-ContentKeyPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json b/services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json new file mode 100644 index 000000000..114258663 --- /dev/null +++ b/services/Media/mediaservices/templates/policy/StreamingPolicyQuotaUsedPercentage_9f91c6f3-e93e-4510-b72b-8678f6d38014.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9f91c6f3-e93e-4510-b72b-8678f6d38014", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Media mediaservices StreamingPolicyQuotaUsedPercentage Alert", + "description": "Policy to Audit/Deploy Media mediaservices StreamingPolicyQuotaUsedPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Media", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Media/mediaservices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StreamingPolicyQuotaUsedPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Media/mediaservices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StreamingPolicyQuotaUsedPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Media mediaservices StreamingPolicyQuotaUsedPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StreamingPolicyQuotaUsedPercentage", + "metricNamespace": "Microsoft.Media/mediaservices", + "metricName": "StreamingPolicyQuotaUsedPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), field('tags._amba-StreamingPolicyQuotaUsedPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json new file mode 100644 index 000000000..cd9af6ca4 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_30b0cb86-ba8b-4eeb-9067-88456ec403ad.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "30b0cb86-ba8b-4eeb-9067-88456ec403ad", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageReadLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageReadLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes AverageReadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageReadLatency", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "AverageReadLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json new file mode 100644 index 000000000..a423c7f08 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/AverageReadLatency_cb7001d3-8a0e-41ed-b281-44fee5379f06.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cb7001d3-8a0e-41ed-b281-44fee5379f06", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes AverageReadLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageReadLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageReadLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes AverageReadLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageReadLatency", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "AverageReadLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageReadLatency-threshold-Override_'), field('tags._amba-AverageReadLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json b/services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json new file mode 100644 index 000000000..f1d89d91a --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/AverageWriteLatency_075f0066-51f6-4c36-8000-ce7070493674.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "075f0066-51f6-4c36-8000-ce7070493674", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes AverageWriteLatency Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes AverageWriteLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageWriteLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageWriteLatency-threshold-Override_'), field('tags._amba-AverageWriteLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageWriteLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes AverageWriteLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageWriteLatency", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "AverageWriteLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageWriteLatency-threshold-Override_'), field('tags._amba-AverageWriteLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json b/services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json new file mode 100644 index 000000000..456c67ed9 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/CbsVolumeOperationComplete_27768691-301d-4938-bd8a-85598c2b50c6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "27768691-301d-4938-bd8a-85598c2b50c6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes CbsVolumeOperationComplete Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes CbsVolumeOperationComplete Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CbsVolumeOperationComplete" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CbsVolumeOperationComplete-threshold-Override_'), field('tags._amba-CbsVolumeOperationComplete-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CbsVolumeOperationComplete')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes CbsVolumeOperationComplete", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CbsVolumeOperationComplete", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "CbsVolumeOperationComplete", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CbsVolumeOperationComplete-threshold-Override_'), field('tags._amba-CbsVolumeOperationComplete-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json b/services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json new file mode 100644 index 000000000..c336b16cf --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/VolumeAllocatedSize_1be09484-96ee-4399-8ed4-35f5f4b5c23e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1be09484-96ee-4399-8ed4-35f5f4b5c23e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes VolumeAllocatedSize Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes VolumeAllocatedSize Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "107374182400" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VolumeAllocatedSize" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VolumeAllocatedSize-threshold-Override_'), field('tags._amba-VolumeAllocatedSize-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VolumeAllocatedSize')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes VolumeAllocatedSize", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VolumeAllocatedSize", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "VolumeAllocatedSize", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VolumeAllocatedSize-threshold-Override_'), field('tags._amba-VolumeAllocatedSize-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json b/services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json new file mode 100644 index 000000000..e37be05e2 --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/VolumeConsumedSizePercentage_d474e6d2-0b9a-4912-ae61-16dc23126b3f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d474e6d2-0b9a-4912-ae61-16dc23126b3f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes VolumeConsumedSizePercentage Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes VolumeConsumedSizePercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VolumeConsumedSizePercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VolumeConsumedSizePercentage-threshold-Override_'), field('tags._amba-VolumeConsumedSizePercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VolumeConsumedSizePercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes VolumeConsumedSizePercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VolumeConsumedSizePercentage", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "VolumeConsumedSizePercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VolumeConsumedSizePercentage-threshold-Override_'), field('tags._amba-VolumeConsumedSizePercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json b/services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json new file mode 100644 index 000000000..35c13f94d --- /dev/null +++ b/services/NetApp/netAppAccounts/templates/policy/VolumeLogicalSize_149f6b6c-4729-4da4-af00-bccbb1cce9ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "149f6b6c-4729-4da4-af00-bccbb1cce9ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy NetApp netAppAccounts capacityPools volumes VolumeLogicalSize Alert", + "description": "Policy to Audit/Deploy NetApp netAppAccounts capacityPools volumes VolumeLogicalSize Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "NetApp", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85899345920" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VolumeLogicalSize" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.NetApp/netAppAccounts/capacityPools/volumes/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VolumeLogicalSize-threshold-Override_'), field('tags._amba-VolumeLogicalSize-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VolumeLogicalSize')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for NetApp netAppAccounts capacityPools volumes VolumeLogicalSize", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VolumeLogicalSize", + "metricNamespace": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes", + "metricName": "VolumeLogicalSize", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VolumeLogicalSize-threshold-Override_'), field('tags._amba-VolumeLogicalSize-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json b/services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json new file mode 100644 index 000000000..a817686fe --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/ApplicationGatewayTotalTime_73fa1878-d22d-4e8d-922d-9f146454cc40.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "73fa1878-d22d-4e8d-922d-9f146454cc40", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways ApplicationGatewayTotalTime Alert", + "description": "Policy to Audit/Deploy Network applicationGateways ApplicationGatewayTotalTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ApplicationGatewayTotalTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ApplicationGatewayTotalTime-threshold-Override_'), field('tags._amba-ApplicationGatewayTotalTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ApplicationGatewayTotalTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways ApplicationGatewayTotalTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ApplicationGatewayTotalTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "ApplicationGatewayTotalTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ApplicationGatewayTotalTime-threshold-Override_'), field('tags._amba-ApplicationGatewayTotalTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json b/services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json new file mode 100644 index 000000000..5dd6de34a --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/AzwafSecRule_d5827f03-efb6-4257-96e2-b6e34e3bef7e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d5827f03-efb6-4257-96e2-b6e34e3bef7e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways AzwafSecRule Alert", + "description": "Policy to Audit/Deploy Network applicationGateways AzwafSecRule Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AzwafSecRule" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AzwafSecRule-threshold-Override_'), field('tags._amba-AzwafSecRule-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AzwafSecRule')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways AzwafSecRule", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AzwafSecRule", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "AzwafSecRule", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AzwafSecRule-threshold-Override_'), field('tags._amba-AzwafSecRule-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json b/services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json new file mode 100644 index 000000000..ad22269ce --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendConnectTime_e636b3ea-da2d-42f5-aedf-12b69432ac1f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e636b3ea-da2d-42f5-aedf-12b69432ac1f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways BackendConnectTime Alert", + "description": "Policy to Audit/Deploy Network applicationGateways BackendConnectTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendConnectTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendConnectTime-threshold-Override_'), field('tags._amba-BackendConnectTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendConnectTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendConnectTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendConnectTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendConnectTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendConnectTime-threshold-Override_'), field('tags._amba-BackendConnectTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json b/services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json new file mode 100644 index 000000000..f9e992387 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendFirstByteResponseTime_3cbcad15-0bb6-423e-87c1-4d40722103d6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3cbcad15-0bb6-423e-87c1-4d40722103d6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways BackendFirstByteResponseTime Alert", + "description": "Policy to Audit/Deploy Network applicationGateways BackendFirstByteResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendFirstByteResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendFirstByteResponseTime-threshold-Override_'), field('tags._amba-BackendFirstByteResponseTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendFirstByteResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendFirstByteResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendFirstByteResponseTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendFirstByteResponseTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendFirstByteResponseTime-threshold-Override_'), field('tags._amba-BackendFirstByteResponseTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json b/services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json new file mode 100644 index 000000000..26aad2675 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendLastByteResponseTime_57c7b576-d4b2-4aa7-8c58-5c0ccbf94726.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "57c7b576-d4b2-4aa7-8c58-5c0ccbf94726", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Azure Application Gateway BackendLastByteResponseTime Alert", + "description": "Policy to Audit/Deploy Azure Application Gateway BackendLastByteResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendLastByteResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 2 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 2 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendLastByteResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendLastByteResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendLastByteResponseTime", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendLastByteResponseTime", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 2, + "numberOfEvaluationPeriods": 2 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json b/services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json new file mode 100644 index 000000000..2f746b648 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/BackendResponseStatus_c319a40c-3750-4fb4-a36d-beb3d09ef2ee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c319a40c-3750-4fb4-a36d-beb3d09ef2ee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways BackendResponseStatus Alert", + "description": "Policy to Audit/Deploy Network applicationGateways BackendResponseStatus Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendResponseStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendResponseStatus-threshold-Override_'), field('tags._amba-BackendResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendResponseStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways BackendResponseStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendResponseStatus", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "BackendResponseStatus", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendResponseStatus-threshold-Override_'), field('tags._amba-BackendResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json b/services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json new file mode 100644 index 000000000..2d4d12121 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/CapacityUnits_d43ca9ef-6211-40ff-972e-fffb17923fc9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d43ca9ef-6211-40ff-972e-fffb17923fc9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways CapacityUnits Alert", + "description": "Policy to Audit/Deploy Network applicationGateways CapacityUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CapacityUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CapacityUnits-threshold-Override_'), field('tags._amba-CapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CapacityUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways CapacityUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CapacityUnits", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "CapacityUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CapacityUnits-threshold-Override_'), field('tags._amba-CapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json b/services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json new file mode 100644 index 000000000..9ed953845 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/ComputeUnits_e59f4d17-2600-4bcc-ab57-6c695d37a0b2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e59f4d17-2600-4bcc-ab57-6c695d37a0b2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways ComputeUnits Alert", + "description": "Policy to Audit/Deploy Network applicationGateways ComputeUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ComputeUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ComputeUnits-threshold-Override_'), field('tags._amba-ComputeUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ComputeUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways ComputeUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ComputeUnits", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "ComputeUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ComputeUnits-threshold-Override_'), field('tags._amba-ComputeUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json b/services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json new file mode 100644 index 000000000..b4d907dc9 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/CpuUtilization_9c8be4c5-5ba3-47ef-8a0a-97144734a336.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9c8be4c5-5ba3-47ef-8a0a-97144734a336", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways CpuUtilization Alert", + "description": "Policy to Audit/Deploy Network applicationGateways CpuUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuUtilization-threshold-Override_'), field('tags._amba-CpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways CpuUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuUtilization", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "CpuUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuUtilization-threshold-Override_'), field('tags._amba-CpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json b/services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json new file mode 100644 index 000000000..6a55399d1 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/CurrentConnections_695b9710-e432-4521-9042-36287f0fc5ba.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "695b9710-e432-4521-9042-36287f0fc5ba", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways CurrentConnections Alert", + "description": "Policy to Audit/Deploy Network applicationGateways CurrentConnections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CurrentConnections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CurrentConnections-threshold-Override_'), field('tags._amba-CurrentConnections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CurrentConnections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways CurrentConnections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CurrentConnections", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "CurrentConnections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CurrentConnections-threshold-Override_'), field('tags._amba-CurrentConnections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json b/services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json new file mode 100644 index 000000000..a68eb7ddc --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/EstimatedBilledCapacityUnits_e77b6820-e115-4e33-97c1-9bb902eec3b2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e77b6820-e115-4e33-97c1-9bb902eec3b2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways EstimatedBilledCapacityUnits Alert", + "description": "Policy to Audit/Deploy Network applicationGateways EstimatedBilledCapacityUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "EstimatedBilledCapacityUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-EstimatedBilledCapacityUnits-threshold-Override_'), field('tags._amba-EstimatedBilledCapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-EstimatedBilledCapacityUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways EstimatedBilledCapacityUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "EstimatedBilledCapacityUnits", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "EstimatedBilledCapacityUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-EstimatedBilledCapacityUnits-threshold-Override_'), field('tags._amba-EstimatedBilledCapacityUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json b/services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json new file mode 100644 index 000000000..2b967e87a --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/FailedRequests_73afde26-bd0c-4c31-8801-5b2444629448.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "73afde26-bd0c-4c31-8801-5b2444629448", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways FailedRequests Alert", + "description": "Policy to Audit/Deploy Network applicationGateways FailedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FailedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FailedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways FailedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FailedRequests", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "FailedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FailedRequests-threshold-Override_'), field('tags._amba-FailedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json b/services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json new file mode 100644 index 000000000..dd554f837 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/HealthyHostCount_f03d1a7a-6bd3-42ae-89db-b36fd6ce5633.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f03d1a7a-6bd3-42ae-89db-b36fd6ce5633", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways HealthyHostCount Alert", + "description": "Policy to Audit/Deploy Network applicationGateways HealthyHostCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HealthyHostCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HealthyHostCount-threshold-Override_'), field('tags._amba-HealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HealthyHostCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways HealthyHostCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HealthyHostCount", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "HealthyHostCount", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HealthyHostCount-threshold-Override_'), field('tags._amba-HealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json b/services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json new file mode 100644 index 000000000..e8476d254 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/ResponseStatus_6d77d848-23b1-4ff4-b9de-d421845d9566.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6d77d848-23b1-4ff4-b9de-d421845d9566", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways ResponseStatus Alert", + "description": "Policy to Audit/Deploy Network applicationGateways ResponseStatus Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ResponseStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ResponseStatus-threshold-Override_'), field('tags._amba-ResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ResponseStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways ResponseStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ResponseStatus", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "ResponseStatus", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ResponseStatus-threshold-Override_'), field('tags._amba-ResponseStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json b/services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json new file mode 100644 index 000000000..6ac990502 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/Throughput_7640663c-b2f7-41bf-9419-be5e8cfdf74e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7640663c-b2f7-41bf-9419-be5e8cfdf74e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways Throughput Alert", + "description": "Policy to Audit/Deploy Network applicationGateways Throughput Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "167772160" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Throughput" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Throughput')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways Throughput", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Throughput", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "Throughput", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json b/services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json new file mode 100644 index 000000000..be654353b --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/TotalRequests_06982a17-4def-405d-bb59-4ecfb6486f9e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "06982a17-4def-405d-bb59-4ecfb6486f9e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways TotalRequests Alert", + "description": "Policy to Audit/Deploy Network applicationGateways TotalRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways TotalRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalRequests", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "TotalRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalRequests-threshold-Override_'), field('tags._amba-TotalRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json b/services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json new file mode 100644 index 000000000..6d2e14582 --- /dev/null +++ b/services/Network/applicationGateways/templates/policy/UnhealthyHostCount_c88acf4e-2d23-4ac7-93fb-e44ded53ecee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c88acf4e-2d23-4ac7-93fb-e44ded53ecee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network applicationGateways UnhealthyHostCount Alert", + "description": "Policy to Audit/Deploy Network applicationGateways UnhealthyHostCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/applicationGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UnhealthyHostCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UnhealthyHostCount-threshold-Override_'), field('tags._amba-UnhealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UnhealthyHostCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network applicationGateways UnhealthyHostCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UnhealthyHostCount", + "metricNamespace": "Microsoft.Network/applicationGateways", + "metricName": "UnhealthyHostCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UnhealthyHostCount-threshold-Override_'), field('tags._amba-UnhealthyHostCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json b/services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json new file mode 100644 index 000000000..939120580 --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/ActivityLogAzureFirewallDelete_0b0c11e3-3598-4b2f-8cd8-77a24806bb9d.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_Firewall_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log Azure FireWall Delete Alert", + "description": "Policy to Deploy Activity Log Azure Firewall Delete Alert", + "metadata": { + "version": "1.0.2", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityAzureFirewallDelete", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/azureFirewalls/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2020-10-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityAzureFirewallDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityAzureFirewallDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log Firewall Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/azurefirewalls/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json b/services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json new file mode 100644 index 000000000..050fa89b3 --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/FirewallHealth_0ff72493-3822-4315-a146-8977a0963e39.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0ff72493-3822-4315-a146-8977a0963e39", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AFW FirewallHealth Alert", + "description": "Policy to Audit/Deploy AFW FirewallHealth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FirewallHealth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FirewallHealth-threshold-Override_'), field('tags._amba-FirewallHealth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FirewallHealth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network azureFirewalls FirewallHealth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FirewallHealth", + "metricNamespace": "Microsoft.Network/azureFirewalls", + "metricName": "FirewallHealth", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FirewallHealth-threshold-Override_'), field('tags._amba-FirewallHealth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json b/services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json new file mode 100644 index 000000000..06daea453 --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/SNATPortUtilization_b23f1e82-a791-4610-aaa6-2d960b48b81d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b23f1e82-a791-4610-aaa6-2d960b48b81d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy AFW SNATPortUtilization Alert", + "description": "Policy to Audit/Deploy AFW SNATPortUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SNATPortUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SNATPortUtilization-threshold-Override_'), field('tags._amba-SNATPortUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SNATPortUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network azureFirewalls SNATPortUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SNATPortUtilization", + "metricNamespace": "Microsoft.Network/azureFirewalls", + "metricName": "SNATPortUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SNATPortUtilization-threshold-Override_'), field('tags._amba-SNATPortUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json b/services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json new file mode 100644 index 000000000..c016c31bf --- /dev/null +++ b/services/Network/azureFirewalls/templates/policy/Throughput_e8fdab4c-cc9a-4729-8619-a0f468f4dfdc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e8fdab4c-cc9a-4729-8619-a0f468f4dfdc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network azureFirewalls Throughput Alert", + "description": "Policy to Audit/Deploy Network azureFirewalls Throughput Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "27000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/azureFirewalls" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Throughput" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Throughput')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network azureFirewalls Throughput", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Throughput", + "metricNamespace": "Microsoft.Network/azureFirewalls", + "metricName": "Throughput", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Throughput-threshold-Override_'), field('tags._amba-Throughput-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json b/services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json new file mode 100644 index 000000000..229a16704 --- /dev/null +++ b/services/Network/bastionHosts/templates/policy/pingmesh_afd848a8-8b18-410c-bcc1-1b6f06a5a231.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "afd848a8-8b18-410c-bcc1-1b6f06a5a231", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network bastionHosts pingmesh Alert", + "description": "Policy to Audit/Deploy Network bastionHosts pingmesh Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "pingmesh" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/bastionHosts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-pingmesh-threshold-Override_'), field('tags._amba-pingmesh-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-pingmesh')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network bastionHosts pingmesh", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "pingmesh", + "metricNamespace": "Microsoft.Network/bastionHosts", + "metricName": "pingmesh", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-pingmesh-threshold-Override_'), field('tags._amba-pingmesh-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json b/services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json new file mode 100644 index 000000000..d032364e0 --- /dev/null +++ b/services/Network/bastionHosts/templates/policy/usage_user_0d4040d7-4478-46b5-98e0-14bb2f7b8ecf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0d4040d7-4478-46b5-98e0-14bb2f7b8ecf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network bastionHosts usage_user Alert", + "description": "Policy to Audit/Deploy Network bastionHosts usage_user Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "usage_user" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/bastionHosts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-usage_user-threshold-Override_'), field('tags._amba-usage_user-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-usage_user')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network bastionHosts usage_user", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "usage_user", + "metricNamespace": "Microsoft.Network/bastionHosts", + "metricName": "usage_user", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-usage_user-threshold-Override_'), field('tags._amba-usage_user-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json b/services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json new file mode 100644 index 000000000..648f73e95 --- /dev/null +++ b/services/Network/bastionHosts/templates/policy/used_2c288e52-422b-4f7e-85cf-feb3d08a1602.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2c288e52-422b-4f7e-85cf-feb3d08a1602", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network bastionHosts used Alert", + "description": "Policy to Audit/Deploy Network bastionHosts used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/bastionHosts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/bastionHosts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-used-threshold-Override_'), field('tags._amba-used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network bastionHosts used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "used", + "metricNamespace": "Microsoft.Network/bastionHosts", + "metricName": "used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-used-threshold-Override_'), field('tags._amba-used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json b/services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json new file mode 100644 index 000000000..93e2d77e7 --- /dev/null +++ b/services/Network/connections/templates/policy/BitsInPerSecond_494aa5d6-444d-4c86-9de5-431b3e12a233.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "494aa5d6-444d-4c86-9de5-431b3e12a233", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network connections BitsInPerSecond Alert", + "description": "Policy to Audit/Deploy Network connections BitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/connections" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/connections" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/connections/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network connections BitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsInPerSecond", + "metricNamespace": "Microsoft.Network/connections", + "metricName": "BitsInPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json b/services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json new file mode 100644 index 000000000..ce57d76ba --- /dev/null +++ b/services/Network/connections/templates/policy/BitsOutPerSecond_b050d767-098e-4947-aa88-2a3090e62eab.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b050d767-098e-4947-aa88-2a3090e62eab", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network connections BitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy Network connections BitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/connections" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/connections" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/connections/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network connections BitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsOutPerSecond", + "metricNamespace": "Microsoft.Network/connections", + "metricName": "BitsOutPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json b/services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json new file mode 100644 index 000000000..4ce02dab1 --- /dev/null +++ b/services/Network/dnszones/templates/policy/QueryVolume_0d1709ed-805e-4ca1-8490-f2d6b393e92f.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0d1709ed-805e-4ca1-8490-f2d6b393e92f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network dnszones QueryVolume Alert", + "description": "Policy to Audit/Deploy Network dnszones QueryVolume Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueryVolume" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/dnszones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueryVolume')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network dnszones QueryVolume", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueryVolume", + "metricNamespace": "Microsoft.Network/dnszones", + "metricName": "QueryVolume", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json b/services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json new file mode 100644 index 000000000..2d538f825 --- /dev/null +++ b/services/Network/dnszones/templates/policy/RecordSetCapacityUtilization_dfbcdbb7-fed8-49c5-8a10-ed34d20fc617.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dfbcdbb7-fed8-49c5-8a10-ed34d20fc617", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network dnszones RecordSetCapacityUtilization Alert", + "description": "Policy to Audit/Deploy Network dnszones RecordSetCapacityUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/dnszones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RecordSetCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/dnszones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RecordSetCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network dnszones RecordSetCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RecordSetCapacityUtilization", + "metricNamespace": "Microsoft.Network/dnszones", + "metricName": "RecordSetCapacityUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json b/services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json new file mode 100644 index 000000000..df89fb6de --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/ArpAvailability_efc101c0-0623-4928-86a7-6f2d37faf24b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "efc101c0-0623-4928-86a7-6f2d37faf24b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits ARP Availability Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits ARP Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ArpAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ArpAvailability-threshold-Override_'), field('tags._amba-ArpAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ArpAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits ArpAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ArpAvailability", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "ArpAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ArpAvailability-threshold-Override_'), field('tags._amba-ArpAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json b/services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json new file mode 100644 index 000000000..c79d91f6c --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/BgpAvailability_37302f31-86e2-45c8-a39f-d0b41c1271df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "37302f31-86e2-45c8-a39f-d0b41c1271df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits BGP Availability Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits BGP Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BgpAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BgpAvailability-threshold-Override_'), field('tags._amba-BgpAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BgpAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits BgpAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BgpAvailability", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "BgpAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BgpAvailability-threshold-Override_'), field('tags._amba-BgpAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json b/services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json new file mode 100644 index 000000000..34dcba625 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/BitsInPerSecond_2e4ae517-3d35-4677-a4b0-441ca19e7670.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2e4ae517-3d35-4677-a4b0-441ca19e7670", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits BitsInPerSecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits BitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "800000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits BitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "BitsInPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsInPerSecond-threshold-Override_'), field('tags._amba-BitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json b/services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json new file mode 100644 index 000000000..7489d6c44 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/BitsOutPerSecond_cc428042-1a21-43f7-b5f8-598dea50f4a2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cc428042-1a21-43f7-b5f8-598dea50f4a2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits BitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits BitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "800000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits BitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "BitsOutPerSecond", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BitsOutPerSecond-threshold-Override_'), field('tags._amba-BitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json new file mode 100644 index 000000000..5658d8974 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsInPerSecond_d56551a8-1355-4aa3-871e-e20e1ce40f05.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d56551a8-1355-4aa3-871e-e20e1ce40f05", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QosDropBitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QosDropBitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits QosDropBitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QosDropBitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "QosDropBitsInPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json new file mode 100644 index 000000000..0ea5043c7 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/QosDropBitsOutPerSecond_5808dbdb-712e-4bd3-b92e-4a08388c32c6.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5808dbdb-712e-4bd3-b92e-4a08388c32c6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QosDropBitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QosDropBitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits QosDropBitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QosDropBitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "QosDropBitsOutPerSecond", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json b/services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json new file mode 100644 index 000000000..1f95c8b40 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/fastpathroutescountforcircuit_afc45643-7bd3-4321-9924-ac710bb78f88.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "afc45643-7bd3-4321-9924-ac710bb78f88", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits fastpathroutescountforcircuit Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits fastpathroutescountforcircuit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.0l" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "fastpathroutescountforcircuit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-fastpathroutescountforcircuit-threshold-Override_'), field('tags._amba-fastpathroutescountforcircuit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-fastpathroutescountforcircuit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits fastpathroutescountforcircuit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "fastpathroutescountforcircuit", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "fastpathroutescountforcircuit", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-fastpathroutescountforcircuit-threshold-Override_'), field('tags._amba-fastpathroutescountforcircuit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json new file mode 100644 index 000000000..c6ddb8cc8 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsinpersecond_47fe6c76-47a0-433f-92d6-a23d9f573771.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "47fe6c76-47a0-433f-92d6-a23d9f573771", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits globalreachbitsinpersecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits globalreachbitsinpersecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "globalreachbitsinpersecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-globalreachbitsinpersecond-threshold-Override_'), field('tags._amba-globalreachbitsinpersecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-globalreachbitsinpersecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits globalreachbitsinpersecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "globalreachbitsinpersecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "globalreachbitsinpersecond", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-globalreachbitsinpersecond-threshold-Override_'), field('tags._amba-globalreachbitsinpersecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json new file mode 100644 index 000000000..16df061b5 --- /dev/null +++ b/services/Network/expressRouteCircuits/templates/policy/globalreachbitsoutpersecond_8a586e59-0f53-41bd-8406-174f9f0ecf7e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8a586e59-0f53-41bd-8406-174f9f0ecf7e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network expressRouteCircuits globalreachbitsoutpersecond Alert", + "description": "Policy to Audit/Deploy Network expressRouteCircuits globalreachbitsoutpersecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteCircuits" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "globalreachbitsoutpersecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-globalreachbitsoutpersecond-threshold-Override_'), field('tags._amba-globalreachbitsoutpersecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-globalreachbitsoutpersecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteCircuits globalreachbitsoutpersecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "globalreachbitsoutpersecond", + "metricNamespace": "Microsoft.Network/expressRouteCircuits", + "metricName": "globalreachbitsoutpersecond", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-globalreachbitsoutpersecond-threshold-Override_'), field('tags._amba-globalreachbitsoutpersecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json new file mode 100644 index 000000000..4e246a190 --- /dev/null +++ b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsInPerSecond_ff147700-c9e6-4063-bb23-45500c00067a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ff147700-c9e6-4063-bb23-45500c00067a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ERG ExpressRoute Bits In Alert", + "description": "Policy to Audit/Deploy ERG ExpressRoute Bits In Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ERGatewayConnectionBitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ERGatewayConnectionBitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteGateways ERGatewayConnectionBitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ERGatewayConnectionBitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteGateways", + "metricName": "ERGatewayConnectionBitsInPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json new file mode 100644 index 000000000..0b85edc07 --- /dev/null +++ b/services/Network/expressRouteGateways/templates/policy/ERGatewayConnectionBitsOutPerSecond_4d5c7854-e044-4dd6-971b-df433fa3ad37.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4d5c7854-e044-4dd6-971b-df433fa3ad37", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ERG ExpressRoute Bits Out Alert", + "description": "Policy to Audit/Deploy ERG ExpressRoute Bits Out Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ERGatewayConnectionBitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ERGatewayConnectionBitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteGateways ERGatewayConnectionBitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ERGatewayConnectionBitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRouteGateways", + "metricName": "ERGatewayConnectionBitsOutPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json b/services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json new file mode 100644 index 000000000..0f51e2321 --- /dev/null +++ b/services/Network/expressRouteGateways/templates/policy/ExpressRouteGatewayCpuUtilization_af1ba971-9b73-4b7f-8040-5eff9f5778d5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af1ba971-9b73-4b7f-8040-5eff9f5778d5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ERG ExpressRoute CPU Utilization Alert", + "description": "Policy to Audit/Deploy ERG ExpressRoute CPU Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRouteGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ExpressRouteGatewayCpuUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ExpressRouteGatewayCpuUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRouteGateways ExpressRouteGatewayCpuUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ExpressRouteGatewayCpuUtilization", + "metricNamespace": "Microsoft.Network/expressRouteGateways", + "metricName": "ExpressRouteGatewayCpuUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json b/services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json new file mode 100644 index 000000000..8a54da935 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/LineProtocol_0fac138d-cf48-4dc2-ac02-053d0b24e620.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0fac138d-cf48-4dc2-ac02-053d0b24e620", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct LineProtocol Alert", + "description": "Policy to Audit/Deploy ER Direct LineProtocol Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "LineProtocol" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-LineProtocol-threshold-Override_'), field('tags._amba-LineProtocol-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-LineProtocol')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts LineProtocol", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "LineProtocol", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "LineProtocol", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-LineProtocol-threshold-Override_'), field('tags._amba-LineProtocol-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json b/services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json new file mode 100644 index 000000000..aa31c2d89 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/PortBitsInPerSecond_08dad105-6416-4348-9feb-339f73e24262.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "08dad105-6416-4348-9feb-339f73e24262", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct Connection BitsInPerSecond Alert", + "description": "Policy to Audit/Deploy ER Direct Connection BitsInPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PortBitsInPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PortBitsInPerSecond-threshold-Override_'), field('tags._amba-PortBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PortBitsInPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts PortBitsInPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PortBitsInPerSecond", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "PortBitsInPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PortBitsInPerSecond-threshold-Override_'), field('tags._amba-PortBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json b/services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json new file mode 100644 index 000000000..c6bf07d3c --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/PortBitsOutPerSecond_ca29484c-b6e5-467e-984d-567e262380d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ca29484c-b6e5-467e-984d-567e262380d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct Connection BitsOutPerSecond Alert", + "description": "Policy to Audit/Deploy ER Direct Connection BitsOutPerSecond Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PortBitsOutPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PortBitsOutPerSecond-threshold-Override_'), field('tags._amba-PortBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PortBitsOutPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts PortBitsOutPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PortBitsOutPerSecond", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "PortBitsOutPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PortBitsOutPerSecond-threshold-Override_'), field('tags._amba-PortBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json new file mode 100644 index 000000000..115d472f9 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_bf37971c-60f4-4652-a059-7607b1d6d31b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "bf37971c-60f4-4652-a059-7607b1d6d31b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct RxLightLevel Low Alert", + "description": "Policy to Audit/Deploy ER Direct RxLightLevel Low Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "-10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts RxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "RxLightLevel", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json new file mode 100644 index 000000000..349b7831e --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/RxLightLevel_ceaeccae-ffa5-4c8c-8415-c7be8266977d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ceaeccae-ffa5-4c8c-8415-c7be8266977d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct RxLightLevel High Alert", + "description": "Policy to Audit/Deploy ER Direct RxLightLevel High Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts RxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "RxLightLevel", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RxLightLevel-threshold-Override_'), field('tags._amba-RxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json new file mode 100644 index 000000000..004f2c48d --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_378a85f8-f24c-4ce6-bfb0-eb5ccbd61768.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "378a85f8-f24c-4ce6-bfb0-eb5ccbd61768", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct TxLightLevel Low Alert", + "description": "Policy to Audit/Deploy ER Direct TxLightLevel Low Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "-10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts TxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "TxLightLevel", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json new file mode 100644 index 000000000..6ebe38930 --- /dev/null +++ b/services/Network/expressRoutePorts/templates/policy/TxLightLevel_dee0e83f-8d5c-4735-9730-1a850354e4b1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dee0e83f-8d5c-4735-9730-1a850354e4b1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ER Direct TxLightLevel High Alert", + "description": "Policy to Audit/Deploy ER Direct TxLightLevel High Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/expressRoutePorts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TxLightLevel" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TxLightLevel')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network expressRoutePorts TxLightLevel", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TxLightLevel", + "metricNamespace": "Microsoft.Network/expressRoutePorts", + "metricName": "TxLightLevel", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TxLightLevel-threshold-Override_'), field('tags._amba-TxLightLevel-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json b/services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json new file mode 100644 index 000000000..3c3ba94dc --- /dev/null +++ b/services/Network/frontDoors/templates/policy/BackendHealthPercentage_15a67b66-30eb-4d0f-aa98-7350304347d0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "15a67b66-30eb-4d0f-aa98-7350304347d0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors BackendHealthPercentage Alert", + "description": "Policy to Audit/Deploy Network frontdoors BackendHealthPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendHealthPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendHealthPercentage-threshold-Override_'), field('tags._amba-BackendHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendHealthPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors BackendHealthPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendHealthPercentage", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "BackendHealthPercentage", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendHealthPercentage-threshold-Override_'), field('tags._amba-BackendHealthPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json b/services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json new file mode 100644 index 000000000..ac2f52a5d --- /dev/null +++ b/services/Network/frontDoors/templates/policy/BackendRequestLatency_a4de0a96-9e79-4a03-a91c-cbd09ea3d29a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a4de0a96-9e79-4a03-a91c-cbd09ea3d29a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors BackendRequestLatency Alert", + "description": "Policy to Audit/Deploy Network frontdoors BackendRequestLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackendRequestLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackendRequestLatency-threshold-Override_'), field('tags._amba-BackendRequestLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackendRequestLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors BackendRequestLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackendRequestLatency", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "BackendRequestLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackendRequestLatency-threshold-Override_'), field('tags._amba-BackendRequestLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json b/services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json new file mode 100644 index 000000000..0bbac9508 --- /dev/null +++ b/services/Network/frontDoors/templates/policy/RequestCount_5ec4f863-ec6f-4fe8-b258-a53b3183138a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5ec4f863-ec6f-4fe8-b258-a53b3183138a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors RequestCount Alert", + "description": "Policy to Audit/Deploy Network frontdoors RequestCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RequestCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RequestCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors RequestCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RequestCount", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "RequestCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RequestCount-threshold-Override_'), field('tags._amba-RequestCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json b/services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json new file mode 100644 index 000000000..b28395835 --- /dev/null +++ b/services/Network/frontDoors/templates/policy/TotalLatency_1987b5a9-bbc3-43c6-af35-cd69e61fe043.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1987b5a9-bbc3-43c6-af35-cd69e61fe043", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network frontdoors TotalLatency Alert", + "description": "Policy to Audit/Deploy Network frontdoors TotalLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "25000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/frontdoors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network frontdoors TotalLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalLatency", + "metricNamespace": "Microsoft.Network/frontdoors", + "metricName": "TotalLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalLatency-threshold-Override_'), field('tags._amba-TotalLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json b/services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json new file mode 100644 index 000000000..4a0f5c918 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/AllocatedSnartPorts_5b64d91c-54de-4f8c-a5d6-054967f4ceaf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5b64d91c-54de-4f8c-a5d6-054967f4ceaf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers AllocatedSnartPorts Alert", + "description": "Policy to Audit/Deploy Network loadBalancers AllocatedSnartPorts Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AllocatedSnartPorts" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AllocatedSnartPorts-threshold-Override_'), field('tags._amba-AllocatedSnartPorts-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AllocatedSnartPorts')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers AllocatedSnartPorts", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AllocatedSnartPorts", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "AllocatedSnartPorts", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AllocatedSnartPorts-threshold-Override_'), field('tags._amba-AllocatedSnartPorts-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json b/services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json new file mode 100644 index 000000000..dc148452c --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/Bytecount_d15179b2-4b57-41e4-997b-dc7c380963d9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d15179b2-4b57-41e4-997b-dc7c380963d9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers Bytecount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers Bytecount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Bytecount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Bytecount-threshold-Override_'), field('tags._amba-Bytecount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Bytecount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers Bytecount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Bytecount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "Bytecount", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Bytecount-threshold-Override_'), field('tags._amba-Bytecount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json b/services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json new file mode 100644 index 000000000..723ec4fa6 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/DipAvailability_a39efd3b-04ef-48d4-a862-053092bdd6e5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a39efd3b-04ef-48d4-a862-053092bdd6e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Health Probe Status Alert", + "description": "Policy to Audit/Deploy ALB Health Probe Status Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DipAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DipAvailability-threshold-Override_'), field('tags._amba-DipAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DipAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers DipAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DipAvailability", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "DipAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DipAvailability-threshold-Override_'), field('tags._amba-DipAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json b/services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json new file mode 100644 index 000000000..739fa8c75 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/GlobalBackendAvailability_055c20da-0d21-4c6a-a80b-f2c4b3887804.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "055c20da-0d21-4c6a-a80b-f2c4b3887804", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Global Backend Availability Alert", + "description": "Policy to Audit/Deploy ALB Global Backend Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "GlobalBackendAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-GlobalBackendAvailability-threshold-Override_'), field('tags._amba-GlobalBackendAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-GlobalBackendAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers GlobalBackendAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "GlobalBackendAvailability", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "GlobalBackendAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-GlobalBackendAvailability-threshold-Override_'), field('tags._amba-GlobalBackendAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json b/services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json new file mode 100644 index 000000000..3ce463ed6 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/PacketCount_d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d766dc3e-42cc-42a7-ba4f-3c1d7fa295c5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers PacketCount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers PacketCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PacketCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PacketCount-threshold-Override_'), field('tags._amba-PacketCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PacketCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers PacketCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PacketCount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "PacketCount", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PacketCount-threshold-Override_'), field('tags._amba-PacketCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json b/services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json new file mode 100644 index 000000000..882d71511 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/SYNCount_94c90db6-8fd7-460c-b704-c2a429913376.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "94c90db6-8fd7-460c-b704-c2a429913376", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers SYNCount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers SYNCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SYNCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SYNCount-threshold-Override_'), field('tags._amba-SYNCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SYNCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers SYNCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SYNCount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "SYNCount", + "operator": "", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SYNCount-threshold-Override_'), field('tags._amba-SYNCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json b/services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json new file mode 100644 index 000000000..f0b1e1cb8 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/SnatConnectionCount_39d3123b-daaa-4f70-97a3-8a4f326104af.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "39d3123b-daaa-4f70-97a3-8a4f326104af", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network loadBalancers SnatConnectionCount Alert", + "description": "Policy to Audit/Deploy Network loadBalancers SnatConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SnatConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SnatConnectionCount-threshold-Override_'), field('tags._amba-SnatConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SnatConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers SnatConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SnatConnectionCount", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "SnatConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SnatConnectionCount-threshold-Override_'), field('tags._amba-SnatConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json b/services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json new file mode 100644 index 000000000..1b38c9164 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/UsedSNATPorts_a92cb746-f19f-450b-b413-8b9710b0176b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a92cb746-f19f-450b-b413-8b9710b0176b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Used SNAT Ports Alert", + "description": "Policy to Audit/Deploy ALB Used SNAT Ports Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "900" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsedSNATPorts" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsedSNATPorts-threshold-Override_'), field('tags._amba-UsedSNATPorts-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsedSNATPorts')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers UsedSNATPorts", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsedSNATPorts", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "UsedSNATPorts", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsedSNATPorts-threshold-Override_'), field('tags._amba-UsedSNATPorts-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json b/services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json new file mode 100644 index 000000000..a6b6c5d49 --- /dev/null +++ b/services/Network/loadBalancers/templates/policy/VipAvailability_b239797f-e627-4e48-8609-94db72098c3d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b239797f-e627-4e48-8609-94db72098c3d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ALB Data Path Availability Alert", + "description": "Policy to Audit/Deploy ALB Data Path Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/loadBalancers" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VipAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VipAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network loadBalancers VipAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VipAvailability", + "metricNamespace": "Microsoft.Network/loadBalancers", + "metricName": "VipAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json b/services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json new file mode 100644 index 000000000..15dc95b93 --- /dev/null +++ b/services/Network/natGateways/templates/policy/ByteCount_e1808855-9a4d-464d-b75a-a41183c520bd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e1808855-9a4d-464d-b75a-a41183c520bd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways ByteCount Alert", + "description": "Policy to Audit/Deploy Network natGateways ByteCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "300000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ByteCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ByteCount-threshold-Override_'), field('tags._amba-ByteCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ByteCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways ByteCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ByteCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "ByteCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ByteCount-threshold-Override_'), field('tags._amba-ByteCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json b/services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json new file mode 100644 index 000000000..73489071c --- /dev/null +++ b/services/Network/natGateways/templates/policy/DatapathAvailability_7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7cb8821d-c178-4c02-ba8a-1c6fcbcde2e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways DatapathAvailability Alert", + "description": "Policy to Audit/Deploy Network natGateways DatapathAvailability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DatapathAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DatapathAvailability-threshold-Override_'), field('tags._amba-DatapathAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DatapathAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways DatapathAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DatapathAvailability", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "DatapathAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DatapathAvailability-threshold-Override_'), field('tags._amba-DatapathAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json b/services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json new file mode 100644 index 000000000..69c723123 --- /dev/null +++ b/services/Network/natGateways/templates/policy/PacketDropCount_53bb49ec-ed5b-40c3-999b-efefa9be4536.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "53bb49ec-ed5b-40c3-999b-efefa9be4536", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways PacketDropCount Alert", + "description": "Policy to Audit/Deploy Network natGateways PacketDropCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PacketDropCount-threshold-Override_'), field('tags._amba-PacketDropCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways PacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PacketDropCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "PacketDropCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PacketDropCount-threshold-Override_'), field('tags._amba-PacketDropCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json b/services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json new file mode 100644 index 000000000..c5fd95bb0 --- /dev/null +++ b/services/Network/natGateways/templates/policy/SNATConnectionCount_4c2e410b-644e-4331-a55c-19bfdc3e4754.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4c2e410b-644e-4331-a55c-19bfdc3e4754", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways SNATConnectionCount Alert", + "description": "Policy to Audit/Deploy Network natGateways SNATConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SNATConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SNATConnectionCount-threshold-Override_'), field('tags._amba-SNATConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SNATConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways SNATConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SNATConnectionCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "SNATConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SNATConnectionCount-threshold-Override_'), field('tags._amba-SNATConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json b/services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json new file mode 100644 index 000000000..46334a85b --- /dev/null +++ b/services/Network/natGateways/templates/policy/TotalConnectionCount_c57f27b1-151c-4d27-a77e-b85547d817f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c57f27b1-151c-4d27-a77e-b85547d817f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network natGateways TotalConnectionCount Alert", + "description": "Policy to Audit/Deploy Network natGateways TotalConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/natGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TotalConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/natGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TotalConnectionCount-threshold-Override_'), field('tags._amba-TotalConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TotalConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network natGateways TotalConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TotalConnectionCount", + "metricNamespace": "Microsoft.Network/natGateways", + "metricName": "TotalConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TotalConnectionCount-threshold-Override_'), field('tags._amba-TotalConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json b/services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json new file mode 100644 index 000000000..fc1e0f939 --- /dev/null +++ b/services/Network/networkSecurityGroups/templates/policy/ActivityLogNSGDelete_4c54dd21-b5ce-4185-aa70-605b167f168f.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_NSG_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log NSG Delete Alert", + "description": "Policy to Deploy Activity Log NSG Delete Alert", + "metadata": { + "version": "1.0.2", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkSecurityGroups" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityNSGDelete", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/networkSecurityGroups/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityNSGDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityNSGDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log NSG Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/networkSecurityGroups/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json b/services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json new file mode 100644 index 000000000..5df2ff2d8 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/ChecksFailedPercent_61cbc62a-1382-4581-850f-4ea69d8a9615.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "61cbc62a-1382-4581-850f-4ea69d8a9615", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors ChecksFailedPercent Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors ChecksFailedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ChecksFailedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ChecksFailedPercent-threshold-Override_'), field('tags._amba-ChecksFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ChecksFailedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors ChecksFailedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ChecksFailedPercent", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "ChecksFailedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ChecksFailedPercent-threshold-Override_'), field('tags._amba-ChecksFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json b/services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json new file mode 100644 index 000000000..4cab0d3e7 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/ProbesFailedPercent_7659c9f8-c257-4f0b-a8d9-1ceae6177ff5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7659c9f8-c257-4f0b-a8d9-1ceae6177ff5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors ProbesFailedPercent Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors ProbesFailedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProbesFailedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProbesFailedPercent-threshold-Override_'), field('tags._amba-ProbesFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProbesFailedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors ProbesFailedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProbesFailedPercent", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "ProbesFailedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProbesFailedPercent-threshold-Override_'), field('tags._amba-ProbesFailedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json b/services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json new file mode 100644 index 000000000..cc5799d81 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/RoundTripTimeMs_1744119b-cabb-4ac4-97c6-a61249a6c5be.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1744119b-cabb-4ac4-97c6-a61249a6c5be", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors RoundTripTimeMs Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors RoundTripTimeMs Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RoundTripTimeMs" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RoundTripTimeMs-threshold-Override_'), field('tags._amba-RoundTripTimeMs-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RoundTripTimeMs')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors RoundTripTimeMs", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RoundTripTimeMs", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "RoundTripTimeMs", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RoundTripTimeMs-threshold-Override_'), field('tags._amba-RoundTripTimeMs-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json b/services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json new file mode 100644 index 000000000..1e405a378 --- /dev/null +++ b/services/Network/networkWatchers/templates/policy/TestResult_370ff9a8-11ea-469a-9f52-b1c39d61c39d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "370ff9a8-11ea-469a-9f52-b1c39d61c39d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network networkWatchers connectionMonitors TestResult Alert", + "description": "Policy to Audit/Deploy Network networkWatchers connectionMonitors TestResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/networkWatchers/connectionMonitors" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TestResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/networkWatchers/connectionMonitors/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TestResult-threshold-Override_'), field('tags._amba-TestResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TestResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network networkWatchers connectionMonitors TestResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TestResult", + "metricNamespace": "Microsoft.Network/networkWatchers/connectionMonitors", + "metricName": "TestResult", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TestResult-threshold-Override_'), field('tags._amba-TestResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json b/services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json new file mode 100644 index 000000000..4a02f4698 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/QueryVolume_4d219611-6487-4fcf-9bac-29cd9e5046a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4d219611-6487-4fcf-9bac-29cd9e5046a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Query Volume Alert", + "description": "Policy to Audit/Deploy PDNSZ Query Volume Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueryVolume" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueryVolume-threshold-Override_'), field('tags._amba-QueryVolume-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueryVolume')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones QueryVolume", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueryVolume", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "QueryVolume", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueryVolume-threshold-Override_'), field('tags._amba-QueryVolume-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json b/services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json new file mode 100644 index 000000000..50b667707 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/RecordSetCapacityUtilization_95473b2f-74ea-4929-bf22-f6f3be4ccbd5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "95473b2f-74ea-4929-bf22-f6f3be4ccbd5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Record Set Capacity Alert", + "description": "Policy to Audit/Deploy PDNSZ Record Set Capacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RecordSetCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RecordSetCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones RecordSetCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RecordSetCapacityUtilization", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "RecordSetCapacityUtilization", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json b/services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json new file mode 100644 index 000000000..7e69abe12 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/RecordSetCount_b410b69e-8bd5-44fe-899d-f4d5dce9931a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b410b69e-8bd5-44fe-899d-f4d5dce9931a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network privateDnsZones RecordSetCount Alert", + "description": "Policy to Audit/Deploy Network privateDnsZones RecordSetCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "18750" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RecordSetCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RecordSetCount-threshold-Override_'), field('tags._amba-RecordSetCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RecordSetCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones RecordSetCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RecordSetCount", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "RecordSetCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RecordSetCount-threshold-Override_'), field('tags._amba-RecordSetCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json b/services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json new file mode 100644 index 000000000..dc031bb39 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/VirtualNetworkLinkCapacityUtilization_e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e71f87d1-81bb-4ee6-802d-9da4ab1cb3e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Capacity Utilization Alert", + "description": "Policy to Audit/Deploy PDNSZ Capacity Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VirtualNetworkLinkCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VirtualNetworkLinkCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones VirtualNetworkLinkCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VirtualNetworkLinkCapacityUtilization", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "VirtualNetworkLinkCapacityUtilization", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json b/services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json new file mode 100644 index 000000000..dec22c520 --- /dev/null +++ b/services/Network/privateDnsZones/templates/policy/VirtualNetworkWithRegistrationCapacityUtilization_c064753f-ea6a-4940-b603-975adb5127ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c064753f-ea6a-4940-b603-975adb5127ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PDNSZ Registration Capacity Utilization Alert", + "description": "Policy to Audit/Deploy PDNSZ Registration Capacity Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/privateDnsZones" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VirtualNetworkWithRegistrationCapacityUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VirtualNetworkWithRegistrationCapacityUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network privateDnsZones VirtualNetworkWithRegistrationCapacityUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VirtualNetworkWithRegistrationCapacityUtilization", + "metricNamespace": "Microsoft.Network/privateDnsZones", + "metricName": "VirtualNetworkWithRegistrationCapacityUtilization", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json b/services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json new file mode 100644 index 000000000..586299d95 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/BytesInDDoS_652acaf1-c5a1-4a88-b3bb-822a14dece19.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "652acaf1-c5a1-4a88-b3bb-822a14dece19", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP Bytes in DDoS Attack Alert", + "description": "Policy to Audit/Deploy PIP Bytes in DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "8000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BytesInDDoS-threshold-Override_'), field('tags._amba-BytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses BytesInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "BytesInDDoS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BytesInDDoS-threshold-Override_'), field('tags._amba-BytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json b/services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json new file mode 100644 index 000000000..b653a5a71 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/IfUnderDDoSAttack_cb9a5dd7-4ae2-4adf-ab11-95363032ee5d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cb9a5dd7-4ae2-4adf-ab11-95363032ee5d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP DDoS Attack Alert", + "description": "Policy to Audit/Deploy PIP DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IfUnderDDoSAttack" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IfUnderDDoSAttack')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses IfUnderDDoSAttack", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IfUnderDDoSAttack", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "IfUnderDDoSAttack", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json b/services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json new file mode 100644 index 000000000..e651ff52f --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/PacketsInDDoS_a78addf1-4632-4fc2-9afc-d1fb75049872.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a78addf1-4632-4fc2-9afc-d1fb75049872", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP Packets in DDoS Attack Alert", + "description": "Policy to Audit/Deploy PIP Packets in DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PacketsInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PacketsInDDoS-threshold-Override_'), field('tags._amba-PacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PacketsInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses PacketsInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PacketsInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "PacketsInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PacketsInDDoS-threshold-Override_'), field('tags._amba-PacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json b/services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json new file mode 100644 index 000000000..85cc42887 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/TCPBytesInDDoS_54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "54d85ec1-6c8d-4372-bdab-f6f0b5cc12c4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses TCPBytesInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses TCPBytesInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TCPBytesInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TCPBytesInDDoS-threshold-Override_'), field('tags._amba-TCPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TCPBytesInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses TCPBytesInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TCPBytesInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "TCPBytesInDDoS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TCPBytesInDDoS-threshold-Override_'), field('tags._amba-TCPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json b/services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json new file mode 100644 index 000000000..277a3e5e3 --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/TCPPacketsInDDoS_529b0b1f-46fc-423f-94ab-dd71dd7894e2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "529b0b1f-46fc-423f-94ab-dd71dd7894e2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses TCPPacketsInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses TCPPacketsInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TCPPacketsInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TCPPacketsInDDoS-threshold-Override_'), field('tags._amba-TCPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TCPPacketsInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses TCPPacketsInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TCPPacketsInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "TCPPacketsInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TCPPacketsInDDoS-threshold-Override_'), field('tags._amba-TCPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json b/services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json new file mode 100644 index 000000000..b8317ea4a --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/UDPBytesInDDoS_8020f41e-ca61-43b4-88ca-f520057dfa92.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8020f41e-ca61-43b4-88ca-f520057dfa92", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses UDPBytesInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses UDPBytesInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UDPBytesInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UDPBytesInDDoS-threshold-Override_'), field('tags._amba-UDPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UDPBytesInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses UDPBytesInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UDPBytesInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "UDPBytesInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UDPBytesInDDoS-threshold-Override_'), field('tags._amba-UDPBytesInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json b/services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json new file mode 100644 index 000000000..56be5c4af --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/UDPPacketsInDDoS_27181c58-ca7a-433f-a0ee-a7a33102cb36.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "27181c58-ca7a-433f-a0ee-a7a33102cb36", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network publicIPAddresses UDPPacketsInDDoS Alert", + "description": "Policy to Audit/Deploy Network publicIPAddresses UDPPacketsInDDoS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "40000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UDPPacketsInDDoS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UDPPacketsInDDoS-threshold-Override_'), field('tags._amba-UDPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UDPPacketsInDDoS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses UDPPacketsInDDoS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UDPPacketsInDDoS", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "UDPPacketsInDDoS", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UDPPacketsInDDoS-threshold-Override_'), field('tags._amba-UDPPacketsInDDoS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json b/services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json new file mode 100644 index 000000000..c7909bb2a --- /dev/null +++ b/services/Network/publicIPAddresses/templates/policy/VipAvailability_7f4c355a-5411-4400-826a-b82007bbd83d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7f4c355a-5411-4400-826a-b82007bbd83d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PIP VIP Availability Alert", + "description": "Policy to Audit/Deploy PIP VIP Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/publicIPAddresses" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "VipAvailability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-VipAvailability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network publicIPAddresses VipAvailability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "VipAvailability", + "metricNamespace": "Microsoft.Network/publicIPAddresses", + "metricName": "VipAvailability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json b/services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json new file mode 100644 index 000000000..df93ee30a --- /dev/null +++ b/services/Network/routeTables/templates/policy/ActivityLogRouteTableUpdate_6c81eeff-a3a7-4c72-a58e-f2e547ab2799.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_RouteTable_Update", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log Route Table Update Alert", + "description": "Policy to Deploy Activity Log Route Table Update Alert", + "metadata": { + "version": "1.0.1", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/routeTables" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityUDRUpdate", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/routeTables/routes/write" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityUDRUpdate", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityUDRUpdate", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log Route table update", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/routeTables/routes/write" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json b/services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json new file mode 100644 index 000000000..99757a5c5 --- /dev/null +++ b/services/Network/trafficmanagerprofiles/templates/policy/ProbeAgentCurrentEndpointStateByProfileResourceId_dd3f294f-d12e-4e34-8f6a-c304d3d977e2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dd3f294f-d12e-4e34-8f6a-c304d3d977e2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network trafficmanagerprofiles ProbeAgentCurrentEndpointStateByProfileResourceId Alert", + "description": "Policy to Audit/Deploy Network trafficmanagerprofiles ProbeAgentCurrentEndpointStateByProfileResourceId Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProbeAgentCurrentEndpointStateByProfileResourceId" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/trafficmanagerprofiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), field('tags._amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProbeAgentCurrentEndpointStateByProfileResourceId')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network trafficmanagerprofiles ProbeAgentCurrentEndpointStateByProfileResourceId", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProbeAgentCurrentEndpointStateByProfileResourceId", + "metricNamespace": "Microsoft.Network/trafficmanagerprofiles", + "metricName": "ProbeAgentCurrentEndpointStateByProfileResourceId", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), field('tags._amba-ProbeAgentCurrentEndpointStateByProfileResourceId-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json b/services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json new file mode 100644 index 000000000..669b9b38d --- /dev/null +++ b/services/Network/trafficmanagerprofiles/templates/policy/QpsByEndpoint_f4699243-1ba2-49a8-85f8-c4a22a563925.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f4699243-1ba2-49a8-85f8-c4a22a563925", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network trafficmanagerprofiles QpsByEndpoint Alert", + "description": "Policy to Audit/Deploy Network trafficmanagerprofiles QpsByEndpoint Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/trafficmanagerprofiles" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QpsByEndpoint" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/trafficmanagerprofiles/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QpsByEndpoint-threshold-Override_'), field('tags._amba-QpsByEndpoint-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QpsByEndpoint')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network trafficmanagerprofiles QpsByEndpoint", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QpsByEndpoint", + "metricNamespace": "Microsoft.Network/trafficmanagerprofiles", + "metricName": "QpsByEndpoint", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QpsByEndpoint-threshold-Override_'), field('tags._amba-QpsByEndpoint-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json b/services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json new file mode 100644 index 000000000..4df33f43f --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/AverageBandwidth_88642ff7-6c08-486a-9bf2-37764d5bf6a3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "88642ff7-6c08-486a-9bf2-37764d5bf6a3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Network virtualNetworkGateways AverageBandwidth Alert", + "description": "Policy to Audit/Deploy Network virtualNetworkGateways AverageBandwidth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "450000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageBandwidth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageBandwidth-threshold-Override_'), field('tags._amba-AverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageBandwidth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways AverageBandwidth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageBandwidth", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "AverageBandwidth", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageBandwidth-threshold-Override_'), field('tags._amba-AverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json new file mode 100644 index 000000000..9f2b9dc81 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayBitsPerSecond_4c3c25d2-7473-4d0c-9174-609162571859.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4c3c25d2-7473-4d0c-9174-609162571859", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG ExpressRoute Bits Per Second Alert", + "description": "Policy to Audit/Deploy VNetG ExpressRoute Bits Per Second Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ExpressRouteGatewayBitsPerSecond" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), field('tags._amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ExpressRouteGatewayBitsPerSecond')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways ExpressRouteGatewayBitsPerSecond", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ExpressRouteGatewayBitsPerSecond", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "ExpressRouteGatewayBitsPerSecond", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), field('tags._amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json new file mode 100644 index 000000000..07a0fc9b2 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/ExpressRouteGatewayCpuUtilization_56491bc7-1267-42a2-92c6-fe9efe822ff1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "56491bc7-1267-42a2-92c6-fe9efe822ff1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG ExpressRoute CPU Utilization Alert", + "description": "Policy to Audit/Deploy VNetG ExpressRoute CPU Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ExpressRouteGatewayCpuUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ExpressRouteGatewayCpuUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways ExpressRouteGatewayCpuUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ExpressRouteGatewayCpuUtilization", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "ExpressRouteGatewayCpuUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json new file mode 100644 index 000000000..00de94b76 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelAverageBandwidth_09bb7f01-a715-437d-b692-325f89e1869e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "09bb7f01-a715-437d-b692-325f89e1869e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Tunnel Bandwidth Alert", + "description": "Policy to Audit/Deploy VNetG Tunnel Bandwidth Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelAverageBandwidth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelAverageBandwidth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelAverageBandwidth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelAverageBandwidth", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelAverageBandwidth", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json new file mode 100644 index 000000000..09aa39e4d --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressBytes_092f6e09-1eb5-436d-b7c2-eadb70318920.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "092f6e09-1eb5-436d-b7c2-eadb70318920", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Tunnel Egress Alert", + "description": "Policy to Audit/Deploy VNetG Tunnel Egress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelEgressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressBytes", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelEgressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json new file mode 100644 index 000000000..03ae39e51 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropCount_6f02e3e8-9bfa-4312-a352-6506139e3dba.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6f02e3e8-9bfa-4312-a352-6506139e3dba", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Egress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VNetG Egress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelEgressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropCount", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelEgressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json new file mode 100644 index 000000000..f65a3402c --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelEgressPacketDropTSMismatch_ca909c09-89c4-467e-bdca-9140e72d6c82.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ca909c09-89c4-467e-bdca-9140e72d6c82", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Egress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VNetG Egress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelEgressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelEgressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json new file mode 100644 index 000000000..3a98b4a8d --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressBytes_a34fa329-da3e-4947-8d06-9bd2bee6c8a7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a34fa329-da3e-4947-8d06-9bd2bee6c8a7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Tunnel Ingress Alert", + "description": "Policy to Audit/Deploy VNetG Tunnel Ingress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelIngressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressBytes", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelIngressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json new file mode 100644 index 000000000..244500dd1 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropCount_b511650f-535c-45d1-a089-0ea402245deb.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b511650f-535c-45d1-a089-0ea402245deb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Ingress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VNetG Ingress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelIngressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropCount", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelIngressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json new file mode 100644 index 000000000..a13d83799 --- /dev/null +++ b/services/Network/virtualNetworkGateways/templates/policy/TunnelIngressPacketDropTSMismatch_1cc4a539-e4bf-40e8-a280-f4e9e178fb51.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1cc4a539-e4bf-40e8-a280-f4e9e178fb51", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Egress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VNetG Egress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworkGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworkGateways TunnelIngressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/virtualNetworkGateways", + "metricName": "TunnelIngressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json b/services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json new file mode 100644 index 000000000..d63b8a5e3 --- /dev/null +++ b/services/Network/virtualNetworks/templates/policy/IfUnderDDoSAttack_72dea6f4-858c-423f-8189-406aac7d20ac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "72dea6f4-858c-423f-8189-406aac7d20ac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNet DDoS Attack Alert", + "description": "Policy to Audit/Deploy VNet DDoS Attack Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/virtualNetworks" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/virtualNetworks" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IfUnderDDoSAttack" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IfUnderDDoSAttack')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network virtualNetworks IfUnderDDoSAttack", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IfUnderDDoSAttack", + "metricNamespace": "Microsoft.Network/virtualNetworks", + "metricName": "IfUnderDDoSAttack", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IfUnderDDoSAttack-threshold-Override_'), field('tags._amba-IfUnderDDoSAttack-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json b/services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json new file mode 100644 index 000000000..07d6f40c5 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/ActivityLogVPNGatewayDelete_50c8313a-bbe7-4981-8eee-4b4d44fda37f.json @@ -0,0 +1,259 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_VPNGateway_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log VPN Gateway Delete Alert", + "description": "Policy to Deploy Activity Log VPN Gateway Delete Alert", + "metadata": { + "version": "1.0.1", + "category": "Network", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "AlzMonitoring-rg" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.Network/vpnGateways/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityVPNGatewayDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityVPNGatewayDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log VPN Gateway Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.Network/vpnGateways/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json b/services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json new file mode 100644 index 000000000..84628f4cc --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/BgpPeerStatus_b0ea832c-aae8-42c0-ad83-0bb13d66d56e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0ea832c-aae8-42c0-ad83-0bb13d66d56e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG BGP Peer Status Alert", + "description": "Policy to Audit/Deploy VPNG BGP Peer Status Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BgpPeerStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BgpPeerStatus-threshold-Override_'), field('tags._amba-BgpPeerStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BgpPeerStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways BgpPeerStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BgpPeerStatus", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "BgpPeerStatus", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BgpPeerStatus-threshold-Override_'), field('tags._amba-BgpPeerStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json b/services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json new file mode 100644 index 000000000..fd0ce0254 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelAverageBandwidth_d74fd111-125f-45b8-8bbc-e23bd40aa869.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d74fd111-125f-45b8-8bbc-e23bd40aa869", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Bandwidth Utilization Alert", + "description": "Policy to Audit/Deploy VPNG Bandwidth Utilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelAverageBandwidth" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelAverageBandwidth')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelAverageBandwidth", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelAverageBandwidth", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelAverageBandwidth", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json b/services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json new file mode 100644 index 000000000..1f6ed40ea --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelEgressBytes_cd3b834d-f34f-4a67-af01-b1c5d32195a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "cd3b834d-f34f-4a67-af01-b1c5d32195a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Egress Alert", + "description": "Policy to Audit/Deploy VPNG Egress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelEgressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressBytes", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelEgressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json new file mode 100644 index 000000000..50f7bb0cd --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropCount_c5ae6d80-59db-4087-8e9b-0df36c54ebe9.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c5ae6d80-59db-4087-8e9b-0df36c54ebe9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Egress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VPNG Egress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelEgressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropCount", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelEgressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json new file mode 100644 index 000000000..eff432109 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelEgressPacketDropTSMismatch_7b361791-127e-4a6f-9c1b-c8d9f41ec223.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7b361791-127e-4a6f-9c1b-c8d9f41ec223", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Egress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VPNG Egress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelEgressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelEgressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelEgressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelEgressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelEgressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json b/services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json new file mode 100644 index 000000000..8d074f667 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelIngressBytes_a05d97b8-37b9-4100-a860-d57363aaaf5f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a05d97b8-37b9-4100-a860-d57363aaaf5f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Ingress Alert", + "description": "Policy to Audit/Deploy VPNG Ingress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelIngressBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressBytes", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelIngressBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json new file mode 100644 index 000000000..084e9dd16 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropCount_c2c9a09d-7fad-4c67-9a29-4c2c376a7214.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c2c9a09d-7fad-4c67-9a29-4c2c376a7214", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VNetG Ingress Packet Drop Count Alert", + "description": "Policy to Audit/Deploy VNetG Ingress Packet Drop Count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelIngressPacketDropCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropCount", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelIngressPacketDropCount", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json new file mode 100644 index 000000000..f98e17853 --- /dev/null +++ b/services/Network/vpnGateways/templates/policy/TunnelIngressPacketDropTSMismatch_7affb4da-2058-4f12-b15b-ca58e92b63e5.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7affb4da-2058-4f12-b15b-ca58e92b63e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy VPNG Ingress Packet Drop Mismatch Alert", + "description": "Policy to Audit/Deploy VPNG Ingress Packet Drop Mismatch Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Network", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Network/vpnGateways" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TunnelIngressPacketDropTSMismatch" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/vpnGateways/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TunnelIngressPacketDropTSMismatch')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Network vpnGateways TunnelIngressPacketDropTSMismatch", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TunnelIngressPacketDropTSMismatch", + "metricNamespace": "Microsoft.Network/vpnGateways", + "metricName": "TunnelIngressPacketDropTSMismatch", + "operator": "GreaterThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json new file mode 100644 index 000000000..3dbbf74c5 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceDelete_63cdfaa7-f029-4c4b-8f34-fff71fe401af.json @@ -0,0 +1,259 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_LAWorkspace_Delete", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log LA Workspace Delete Alert", + "description": "Policy to Deploy Activity Log LA Workspace Delete Alert", + "metadata": { + "version": "1.0.3", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityLAWorkspaceDelete", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.OperationalInsights/workspaces/delete" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityLAWorkspaceDelete", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityLAWorkspaceDelete", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log LA Workspace Delete", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.OperationalInsights/workspaces/delete" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json new file mode 100644 index 000000000..3375d7868 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/ActivityLogLAWorkspaceRegenerateKey_04a98577-458a-4a5d-88b2-22b2d140f9f3.json @@ -0,0 +1,260 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_LAWorkspace_KeyRegen", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Activity Log LA Workspace Regenerate Key Alert", + "description": "Policy to Deploy Activity Log LA Workspace Regenerate Key Alert", + "metadata": { + "version": "1.0.2", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "environment": "test", + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "deployIfNotExists", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "ActivityLAWorkspaceRegenKey", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Microsoft.OperationalInsights/workspaces/regeneratesharedkey/action" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ActivityLAWorkspaceRegenKey", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ActivityLAWorkspaceRegenKey", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Activity Log LA Workspace Regenerate Key", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "Microsoft.OperationalInsights/workspaces/regeneratesharedkey/action" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json new file mode 100644 index 000000000..f2ee407a3 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytesMemory_99ba0b14-4b3c-49b5-8763-3161b9aae538.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "99ba0b14-4b3c-49b5-8763-3161b9aae538", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Available MBytes Memory Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Available MBytes Memory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Available MBytes Memory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Available MBytes Memory-threshold-Override_'), field('tags._amba-Average_Available MBytes Memory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Available MBytes Memory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Available MBytes Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Available MBytes Memory", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Available MBytes Memory", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Available MBytes Memory-threshold-Override_'), field('tags._amba-Average_Available MBytes Memory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json new file mode 100644 index 000000000..0187c0591 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMBytes_b0c5e86f-eb2d-41ea-a4a0-9819ad841c70.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0c5e86f-eb2d-41ea-a4a0-9819ad841c70", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Available MBytes Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Available MBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "512" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Available MBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Available MBytes-threshold-Override_'), field('tags._amba-Average_Available MBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Available MBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Available MBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Available MBytes", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Available MBytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Available MBytes-threshold-Override_'), field('tags._amba-Average_Available MBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json new file mode 100644 index 000000000..982eac637 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvailableMemory_91044c16-83bc-457f-80a9-360bad5dedb4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "91044c16-83bc-457f-80a9-360bad5dedb4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Available Memory Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Available Memory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Available Memory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Available Memory-threshold-Override_'), field('tags._amba-Average_% Available Memory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Available Memory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Available Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Available Memory", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Available Memory", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Available Memory-threshold-Override_'), field('tags._amba-Average_% Available Memory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json new file mode 100644 index 000000000..580344945 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecRead_8b472051-ff68-4059-9e50-243bfb64bae4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8b472051-ff68-4059-9e50-243bfb64bae4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Avg. Disk sec/Read Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Avg. Disk sec/Read Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.04" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Avg. Disk sec/Read" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Read-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Read-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Avg. Disk sec/Read')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Avg. Disk sec/Read", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Avg. Disk sec/Read", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Avg. Disk sec/Read", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Read-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Read-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json new file mode 100644 index 000000000..6f8a43b37 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_AvgDisksecWrite_aad0e64e-3cda-45bf-b6bd-8cff29ee35e5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "aad0e64e-3cda-45bf-b6bd-8cff29ee35e5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Avg. Disk sec/Write Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Avg. Disk sec/Write Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.04" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Avg. Disk sec/Write" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Write-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Write-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Avg. Disk sec/Write')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Avg. Disk sec/Write", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Avg. Disk sec/Write", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Avg. Disk sec/Write", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Avg. Disk sec/Write-threshold-Override_'), field('tags._amba-Average_Avg. Disk sec/Write-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json b/services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json new file mode 100644 index 000000000..32b387c66 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_BytesReceivedsec_60ec2790-dc83-419c-bdb5-38da9a477c68.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "60ec2790-dc83-419c-bdb5-38da9a477c68", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Bytes Received/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Bytes Received/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Bytes Received/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Bytes Received/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Bytes Received/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Bytes Received/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Bytes Received/sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json b/services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json new file mode 100644 index 000000000..ea314669e --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_BytesSentsec_de6d5087-bc5a-474f-9319-248a3c03ab44.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "de6d5087-bc5a-474f-9319-248a3c03ab44", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Bytes Sent/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Bytes Sent/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Bytes Sent/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Bytes Sent/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Bytes Sent/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Bytes Sent/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Bytes Sent/sec", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json b/services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json new file mode 100644 index 000000000..1a7cae043 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_CommittedBytesInUse_a70e406c-a0ae-4e0f-99cd-8b0836812c59.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a70e406c-a0ae-4e0f-99cd-8b0836812c59", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Committed Bytes In Use Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Committed Bytes In Use Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Committed Bytes In Use" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Committed Bytes In Use-threshold-Override_'), field('tags._amba-Average_% Committed Bytes In Use-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Committed Bytes In Use')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Committed Bytes In Use", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Committed Bytes In Use", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Committed Bytes In Use", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Committed Bytes In Use-threshold-Override_'), field('tags._amba-Average_% Committed Bytes In Use-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json b/services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json new file mode 100644 index 000000000..d72c89929 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_CurrentDiskQueueLength_08a4f049-9bb8-45d0-9dfb-320f385cc71f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "08a4f049-9bb8-45d0-9dfb-320f385cc71f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Current Disk Queue Length Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Current Disk Queue Length Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Current Disk Queue Length" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Current Disk Queue Length-threshold-Override_'), field('tags._amba-Average_Current Disk Queue Length-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Current Disk Queue Length')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Current Disk Queue Length", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Current Disk Queue Length", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Current Disk Queue Length", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Current Disk Queue Length-threshold-Override_'), field('tags._amba-Average_Current Disk Queue Length-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json b/services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json new file mode 100644 index 000000000..bc47b0cfe --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_DiskTransferssec_30b462dd-d026-4122-9bcf-3a114517e04c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "30b462dd-d026-4122-9bcf-3a114517e04c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Disk Transfers/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Disk Transfers/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Disk Transfers/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Disk Transfers/sec-threshold-Override_'), field('tags._amba-Average_Disk Transfers/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Disk Transfers/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Disk Transfers/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Disk Transfers/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Disk Transfers/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Disk Transfers/sec-threshold-Override_'), field('tags._amba-Average_Disk Transfers/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json b/services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json new file mode 100644 index 000000000..3f23de211 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_FreeMegabytes_969677fe-d1e0-42f6-92af-c9269780411b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "969677fe-d1e0-42f6-92af-c9269780411b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Free Megabytes Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Free Megabytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10240" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Free Megabytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Free Megabytes-threshold-Override_'), field('tags._amba-Average_Free Megabytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Free Megabytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Free Megabytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Free Megabytes", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Free Megabytes", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Free Megabytes-threshold-Override_'), field('tags._amba-Average_Free Megabytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json b/services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json new file mode 100644 index 000000000..7e488d2c4 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_FreeSpace_db621663-ec0a-4fa3-82a7-b6b110726568.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "db621663-ec0a-4fa3-82a7-b6b110726568", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Free Space Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Free Space Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Free Space" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Free Space-threshold-Override_'), field('tags._amba-Average_% Free Space-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Free Space')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Free Space", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Free Space", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Free Space", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Free Space-threshold-Override_'), field('tags._amba-Average_% Free Space-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json b/services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json new file mode 100644 index 000000000..29230fc1a --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_IOWaitTime_1116a5eb-9e12-415a-af46-fad552421d36.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1116a5eb-9e12-415a-af46-fad552421d36", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% IO Wait Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% IO Wait Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% IO Wait Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% IO Wait Time-threshold-Override_'), field('tags._amba-Average_% IO Wait Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% IO Wait Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% IO Wait Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% IO Wait Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% IO Wait Time", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% IO Wait Time-threshold-Override_'), field('tags._amba-Average_% IO Wait Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json b/services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json new file mode 100644 index 000000000..9b5fd00c6 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_IdleTime_732c0a7b-ac17-47cb-bf78-2ebaa839fa0d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "732c0a7b-ac17-47cb-bf78-2ebaa839fa0d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Idle Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Idle Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Idle Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Idle Time-threshold-Override_'), field('tags._amba-Average_% Idle Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Idle Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Idle Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Idle Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Idle Time", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Idle Time-threshold-Override_'), field('tags._amba-Average_% Idle Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json b/services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json new file mode 100644 index 000000000..7a6d9e2bd --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_Pagessec_88b7198b-32a5-4ae2-aaa5-7925066cc08c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "88b7198b-32a5-4ae2-aaa5-7925066cc08c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Pages/sec Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Pages/sec Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Pages/sec" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_Pages/sec-threshold-Override_'), field('tags._amba-Average_Pages/sec-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Pages/sec')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Pages/sec", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Pages/sec", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Pages/sec", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_Pages/sec-threshold-Override_'), field('tags._amba-Average_Pages/sec-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json b/services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json new file mode 100644 index 000000000..e933ef121 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_ProcessorTime_0c416177-e7ce-40d5-8f15-8566b3d7c03c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0c416177-e7ce-40d5-8f15-8566b3d7c03c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Processor Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Processor Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Processor Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Processor Time-threshold-Override_'), field('tags._amba-Average_% Processor Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Processor Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Processor Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Processor Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Processor Time", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Processor Time-threshold-Override_'), field('tags._amba-Average_% Processor Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json new file mode 100644 index 000000000..512045a3f --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesReceived_593b6885-3fb8-4562-89f1-8b0b68649185.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "593b6885-3fb8-4562-89f1-8b0b68649185", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Total Bytes Received Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Total Bytes Received Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Total Bytes Received" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Total Bytes Received')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Total Bytes Received", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Total Bytes Received", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Total Bytes Received", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json new file mode 100644 index 000000000..cd2fe599d --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_TotalBytesTransmitted_76583e85-8be6-4d02-8e09-aff0ce8574f8.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "76583e85-8be6-4d02-8e09-aff0ce8574f8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_Total Bytes Transmitted Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_Total Bytes Transmitted Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Medium" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_Total Bytes Transmitted" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 3 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_Total Bytes Transmitted')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_Total Bytes Transmitted", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_Total Bytes Transmitted", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_Total Bytes Transmitted", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 3, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json new file mode 100644 index 000000000..efaeacf65 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedInodes_af5d055f-0e1f-4c48-808a-d21f8268357d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af5d055f-0e1f-4c48-808a-d21f8268357d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Inodes Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Inodes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Inodes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Inodes-threshold-Override_'), field('tags._amba-Average_% Used Inodes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Inodes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Inodes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Inodes", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Inodes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Inodes-threshold-Override_'), field('tags._amba-Average_% Used Inodes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json new file mode 100644 index 000000000..90e658df2 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedMemory_171e5b5c-78cc-44a1-b7fb-7d750914ed5e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "171e5b5c-78cc-44a1-b7fb-7d750914ed5e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Memory Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Memory Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Memory" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Memory-threshold-Override_'), field('tags._amba-Average_% Used Memory-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Memory')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Memory", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Memory", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Memory", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Memory-threshold-Override_'), field('tags._amba-Average_% Used Memory-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json new file mode 100644 index 000000000..8c0180f68 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSpace_49ba0df7-18bf-4b3e-9d0f-f8c055762fd5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49ba0df7-18bf-4b3e-9d0f-f8c055762fd5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Space Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Space Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Space" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Space-threshold-Override_'), field('tags._amba-Average_% Used Space-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Space')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Space", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Space", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Space", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Space-threshold-Override_'), field('tags._amba-Average_% Used Space-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json new file mode 100644 index 000000000..defe36522 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UsedSwapSpace_04f64694-48a2-48ee-9455-ccce8e59b66f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "04f64694-48a2-48ee-9455-ccce8e59b66f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% Used Swap Space Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% Used Swap Space Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% Used Swap Space" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% Used Swap Space-threshold-Override_'), field('tags._amba-Average_% Used Swap Space-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% Used Swap Space')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% Used Swap Space", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% Used Swap Space", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% Used Swap Space", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% Used Swap Space-threshold-Override_'), field('tags._amba-Average_% Used Swap Space-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json b/services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json new file mode 100644 index 000000000..7338aeb4e --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Average_UserTime_b8140cdb-5492-4177-881f-8668372947a8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b8140cdb-5492-4177-881f-8668372947a8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Average_% User Time Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Average_% User Time Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Average_% User Time" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Average_% User Time-threshold-Override_'), field('tags._amba-Average_% User Time-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Average_% User Time')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Average_% User Time", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Average_% User Time", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Average_% User Time", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Average_% User Time-threshold-Override_'), field('tags._amba-Average_% User Time-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json b/services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json new file mode 100644 index 000000000..a413a77c7 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Event_0b608189-b028-4851-8854-9ce1a48c3dd6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0b608189-b028-4851-8854-9ce1a48c3dd6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Event Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Event Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Event" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Event-threshold-Override_'), field('tags._amba-Event-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Event')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Event", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Event", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Event", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Event-threshold-Override_'), field('tags._amba-Event-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json b/services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json new file mode 100644 index 000000000..08e28f3f7 --- /dev/null +++ b/services/OperationalInsights/workspaces/templates/policy/Heartbeat_83703f70-9ea8-44aa-b88a-a8e56eb42858.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "83703f70-9ea8-44aa-b88a-a8e56eb42858", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy OperationalInsights workspaces Heartbeat Alert", + "description": "Policy to Audit/Deploy OperationalInsights workspaces Heartbeat Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "OperationalInsights", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.OperationalInsights/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Heartbeat" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Heartbeat-threshold-Override_'), field('tags._amba-Heartbeat-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Heartbeat')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for OperationalInsights workspaces Heartbeat", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Heartbeat", + "metricNamespace": "Microsoft.OperationalInsights/workspaces", + "metricName": "Heartbeat", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Heartbeat-threshold-Override_'), field('tags._amba-Heartbeat-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json b/services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json new file mode 100644 index 000000000..5082fdd00 --- /dev/null +++ b/services/PowerBIDedicated/capacities/templates/policy/cpu_metric_2993107e-d54f-4fc4-af7a-6a9bc6b4ea46.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2993107e-d54f-4fc4-af7a-6a9bc6b4ea46", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy PowerBIDedicated capacities cpu_metric Alert", + "description": "Policy to Audit/Deploy PowerBIDedicated capacities cpu_metric Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "PowerBIDedicated", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.PowerBIDedicated/capacities" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.PowerBIDedicated/capacities" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_metric" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.PowerBIDedicated/capacities/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_metric-threshold-Override_'), field('tags._amba-cpu_metric-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_metric')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for PowerBIDedicated capacities cpu_metric", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_metric", + "metricNamespace": "Microsoft.PowerBIDedicated/capacities", + "metricName": "cpu_metric", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_metric-threshold-Override_'), field('tags._amba-cpu_metric-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json b/services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json new file mode 100644 index 000000000..1ebfa6c4d --- /dev/null +++ b/services/RecoveryServices/vaults/templates/policy/BackupHealthEvent_8f9b2819-9c51-4f30-91fd-195b7bc5d7a5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8f9b2819-9c51-4f30-91fd-195b7bc5d7a5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy RecoveryServices vaults BackupHealthEvent Alert", + "description": "Policy to Audit/Deploy RecoveryServices vaults BackupHealthEvent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "RecoveryServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BackupHealthEvent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.RecoveryServices/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BackupHealthEvent-threshold-Override_'), field('tags._amba-BackupHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BackupHealthEvent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for RecoveryServices vaults BackupHealthEvent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BackupHealthEvent", + "metricNamespace": "Microsoft.RecoveryServices/vaults", + "metricName": "BackupHealthEvent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BackupHealthEvent-threshold-Override_'), field('tags._amba-BackupHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json b/services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json new file mode 100644 index 000000000..1511c77a6 --- /dev/null +++ b/services/RecoveryServices/vaults/templates/policy/BackupHealthMonitoring_aa56c6a8-87b3-4291-bdff-7996948c3155.json @@ -0,0 +1,82 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_RecoveryVault_BackupHealthMonitor_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy RV Backup Health Monitoring Alerts", + "description": "Policy to audit/update Recovery Vault Backup Health Alerting to Azure monitor alerts", + "metadata": { + "version": "1.0.0", + "category": "Site Recovery", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "modify", + "audit", + "disabled" + ], + "defaultValue": "modify" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Tag name to disable monitoring resource. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.RecoveryServices/Vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + }, + { + "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures", + "notEquals": "Enabled" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "conflictEffect": "audit", + "operations": [ + { + "operation": "addOrReplace", + "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.classicAlertSettings.alertsForCriticalOperations", + "value": "Disabled" + }, + { + "operation": "addOrReplace", + "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures", + "value": "Enabled" + } + ] + } + } + } + } +} diff --git a/services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json b/services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json new file mode 100644 index 000000000..8f0682485 --- /dev/null +++ b/services/RecoveryServices/vaults/templates/policy/RestoreHealthEvent_805aa9c8-4d52-411d-9811-cc02b33952e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "805aa9c8-4d52-411d-9811-cc02b33952e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy RecoveryServices vaults RestoreHealthEvent Alert", + "description": "Policy to Audit/Deploy RecoveryServices vaults RestoreHealthEvent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "RecoveryServices", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.RecoveryServices/vaults" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RestoreHealthEvent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.RecoveryServices/vaults/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RestoreHealthEvent-threshold-Override_'), field('tags._amba-RestoreHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RestoreHealthEvent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for RecoveryServices vaults RestoreHealthEvent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RestoreHealthEvent", + "metricNamespace": "Microsoft.RecoveryServices/vaults", + "metricName": "RestoreHealthEvent", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RestoreHealthEvent-threshold-Override_'), field('tags._amba-RestoreHealthEvent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json b/services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json new file mode 100644 index 000000000..352e2091a --- /dev/null +++ b/services/Relay/namespaces/templates/policy/ActiveListeners_25a1c11a-3ec4-47aa-b67e-f359fd14483a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "25a1c11a-3ec4-47aa-b67e-f359fd14483a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Relay namespaces ActiveListeners Alert", + "description": "Policy to Audit/Deploy Relay namespaces ActiveListeners Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Relay", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Relay/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Relay/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActiveListeners" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Relay/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActiveListeners-threshold-Override_'), field('tags._amba-ActiveListeners-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActiveListeners')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Relay namespaces ActiveListeners", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActiveListeners", + "metricNamespace": "Microsoft.Relay/namespaces", + "metricName": "ActiveListeners", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActiveListeners-threshold-Override_'), field('tags._amba-ActiveListeners-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json b/services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json new file mode 100644 index 000000000..a28d1e22e --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ResourceHealthUnhealthy_afcf3ad4-93c9-46e4-bdb7-3a8e9af405d1.json @@ -0,0 +1,408 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ResourceHealth_Unhealthy_Alert", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Resource Health Unhealthy Alert", + "description": "Policy to Deploy Resource Health Unhealthy Alert", + "metadata": { + "version": "1.1.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ResourceHealth" + } + ] + } + ] + } + }, + "equals": 1 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ResourceHealtAlert", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ResourceHealthUnhealthyAlert", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]", + "webhookProperties": {} + } + ] + }, + "description": "Resource Health Unhealthy Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ResourceHealth" + }, + { + "anyOf": [ + { + "field": "properties.cause", + "equals": "PlatformInitiated" + }, + { + "field": "properties.cause", + "equals": "UserInitiated" + } + ] + }, + { + "anyOf": [ + { + "field": "properties.currentHealthStatus", + "equals": "Degraded" + }, + { + "field": "properties.currentHealthStatus", + "equals": "Unavailable" + } + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ResourceHealthUnhealthyAlert", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Resource Health Unhealthy Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ResourceHealth" + }, + { + "anyOf": [ + { + "field": "properties.cause", + "equals": "PlatformInitiated" + }, + { + "field": "properties.cause", + "equals": "UserInitiated" + } + ] + }, + { + "anyOf": [ + { + "field": "properties.currentHealthStatus", + "equals": "Degraded" + }, + { + "field": "properties.currentHealthStatus", + "equals": "Unavailable" + } + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json b/services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json new file mode 100644 index 000000000..e4484ec19 --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthAdvisory_7b56e46e-8fbf-404d-a1e5-fbb3d9ea8d7e.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_HealthAdvisory", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Advisory Alert", + "description": "Policy to Deploy Service Health Advisory Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ActionRequired" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceHealthHealth", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthAdvisoryEvent", + "location": "Global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Advisory Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "ActionRequired" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthAdvisoryEvent", + "location": "Global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Advisory Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "ActionRequired" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json b/services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json new file mode 100644 index 000000000..717cce406 --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthIncident_f0dfdd7b-8e50-4a96-ba7f-9a58280f0df0.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_Incident", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Incident Alert", + "description": "Policy to Deploy Service Health Incident Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Incident" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceHealthIncident", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Incident Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Incident" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Incident Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Incident" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json b/services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json new file mode 100644 index 000000000..f37a7e740 --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthMaintenance_26a33edf-0698-424d-aae2-6bcd5af323d5.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_Maintenance", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Maintenance Alert", + "description": "Policy to Deploy Service Health Maintenance Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Maintenance" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceHealthMaintenance", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthPlannedMaintenance", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Planned Maintenance Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Maintenance" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthPlannedMaintenance", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Planned Maintenance Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Maintenance" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json b/services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json new file mode 100644 index 000000000..f361cc28e --- /dev/null +++ b/services/Resources/subscriptions/templates/policy/ServiceHealthSecurity_89dbd4e4-f709-47c6-a243-4207678c8473.json @@ -0,0 +1,399 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "Deploy_activitylog_ServiceHealth_SecurityAdvisory", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Service Health Security Advisory Alert", + "description": "Policy to Deploy Service Health Security Advisory Alert", + "metadata": { + "version": "1.2.0", + "category": "Monitoring", + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "_deployed_by_amba": true + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "disabled" + }, + "MonitorDisable": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "ALZMonitorActionGroupEmail": { + "type": "String", + "metadata": { + "displayName": "Action Group Email Addresses", + "description": "Email addresses to send alerts to" + }, + "defaultValue": "" + }, + "BYOActionGroup": { + "type": "String", + "metadata": { + "displayName": "Customer defined Action Group Resource ID", + "description": "The Resource ID of an existing Action Group already deployed by the customer in his environment" + }, + "defaultValue": "" + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Resources/subscriptions" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisable'), ']')]", + "notEquals": "true" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "existenceScope": "resourcegroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "anyOf": [ + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": true + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "ag-AMBA-SH-" + } + ] + }, + { + "allOf": [ + { + "value": "[[empty(parameters('BYOActionGroup'))]", + "equals": false + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", + "where": { + "anyOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", + "contains": "[[split(trim(parameters('BYOActionGroup')),',')[0]]" + } + ] + } + }, + "equals": 1 + } + ] + } + ] + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "ServiceHealth" + } + ] + }, + { + "allOf": [ + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field", + "equals": "properties.incidentType" + }, + { + "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals", + "equals": "Security" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": { + "varBYOActionGroups": "[[split(parameters('BYOActionGroup'), ',')]", + "copy": [ + { + "name": "varActionGroupIds", + "count": "[[length(variables('varBYOActionGroups'))]", + "mode": "serial", + "input": { + "actionGroupId": "[[trim(variables('varBYOActionGroups')[copyIndex('varActionGroupIds')])]" + } + } + ] + }, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "ServiceSecurityIncident", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "ALZMonitorActionGroupEmail": { + "type": "string" + }, + "BYOActionGroup": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "condition": "[[empty(parameters('BYOActionGroup'))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthSecurityIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": [ + { + "actionGroupId": "[[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" + } + ] + }, + "description": "Service Health Security Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Security" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + }, + { + "condition": "[[not(empty(parameters('BYOActionGroup')))]", + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "ServiceHealthSecurityIncident", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "actions": { + "actionGroups": "[[variables('varActionGroupIds')]" + }, + "description": "Service Health Security Alert", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "ServiceHealth" + }, + { + "field": "properties.incidentType", + "equals": "Security" + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "ALZMonitorActionGroupEmail": { + "value": "[[parameters('ALZMonitorActionGroupEmail')]" + }, + "BYOActionGroup": { + "value": "[[parameters('BYOActionGroup')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json b/services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json new file mode 100644 index 000000000..3a952b4c7 --- /dev/null +++ b/services/Search/searchServices/templates/policy/SearchLatency_d3985fe5-c7f0-47a1-b52e-26098345a433.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d3985fe5-c7f0-47a1-b52e-26098345a433", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Search searchServices SearchLatency Alert", + "description": "Policy to Audit/Deploy Search searchServices SearchLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Search", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SearchLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Search/searchServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SearchLatency-threshold-Override_'), field('tags._amba-SearchLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SearchLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Search searchServices SearchLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SearchLatency", + "metricNamespace": "Microsoft.Search/searchServices", + "metricName": "SearchLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SearchLatency-threshold-Override_'), field('tags._amba-SearchLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json b/services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json new file mode 100644 index 000000000..1be820097 --- /dev/null +++ b/services/Search/searchServices/templates/policy/ThrottledSearchQueriesPercentage_7a044f2f-f38f-4f13-82eb-c7f49bf17ad0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7a044f2f-f38f-4f13-82eb-c7f49bf17ad0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Search searchServices ThrottledSearchQueriesPercentage Alert", + "description": "Policy to Audit/Deploy Search searchServices ThrottledSearchQueriesPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Search", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Search/searchServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledSearchQueriesPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Search/searchServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledSearchQueriesPercentage-threshold-Override_'), field('tags._amba-ThrottledSearchQueriesPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledSearchQueriesPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Search searchServices ThrottledSearchQueriesPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledSearchQueriesPercentage", + "metricNamespace": "Microsoft.Search/searchServices", + "metricName": "ThrottledSearchQueriesPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledSearchQueriesPercentage-threshold-Override_'), field('tags._amba-ThrottledSearchQueriesPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json b/services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json new file mode 100644 index 000000000..e107f6626 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/AbandonMessage_172396a9-27f0-4c01-9510-94ba4a0d4738.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "172396a9-27f0-4c01-9510-94ba4a0d4738", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces AbandonMessage Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces AbandonMessage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AbandonMessage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AbandonMessage-threshold-Override_'), field('tags._amba-AbandonMessage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AbandonMessage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces AbandonMessage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AbandonMessage", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "AbandonMessage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AbandonMessage-threshold-Override_'), field('tags._amba-AbandonMessage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json b/services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json new file mode 100644 index 000000000..487c08e9a --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ActiveConnections_784a29e7-5799-4fde-90ee-b6ebcb2a8747.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "784a29e7-5799-4fde-90ee-b6ebcb2a8747", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ActiveConnections Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ActiveConnections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActiveConnections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActiveConnections-threshold-Override_'), field('tags._amba-ActiveConnections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActiveConnections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ActiveConnections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActiveConnections", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ActiveConnections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActiveConnections-threshold-Override_'), field('tags._amba-ActiveConnections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json b/services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json new file mode 100644 index 000000000..e1b0d929b --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ActiveMessages_0b3362f7-b1ff-4d78-8c25-f14ee9300ae1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0b3362f7-b1ff-4d78-8c25-f14ee9300ae1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ActiveMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ActiveMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ActiveMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ActiveMessages-threshold-Override_'), field('tags._amba-ActiveMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ActiveMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ActiveMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ActiveMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ActiveMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ActiveMessages-threshold-Override_'), field('tags._amba-ActiveMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json b/services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json new file mode 100644 index 000000000..14d008b4b --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/DeadletteredMessages_868a7fc3-9c5c-4fb4-9289-fbe10dd4db82.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "868a7fc3-9c5c-4fb4-9289-fbe10dd4db82", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces DeadletteredMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces DeadletteredMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeadletteredMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeadletteredMessages-threshold-Override_'), field('tags._amba-DeadletteredMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeadletteredMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces DeadletteredMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeadletteredMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "DeadletteredMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeadletteredMessages-threshold-Override_'), field('tags._amba-DeadletteredMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json b/services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json new file mode 100644 index 000000000..27007076b --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/IncomingMessages_c1095936-da8d-4c63-ac70-cf97d5b1f630.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c1095936-da8d-4c63-ac70-cf97d5b1f630", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces IncomingMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces IncomingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IncomingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IncomingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces IncomingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IncomingMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "IncomingMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IncomingMessages-threshold-Override_'), field('tags._amba-IncomingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json b/services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json new file mode 100644 index 000000000..0f43f3e8d --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/Messages_67872571-d13d-4123-81c5-60404c4eea45.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "67872571-d13d-4123-81c5-60404c4eea45", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces Messages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces Messages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Messages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Messages-threshold-Override_'), field('tags._amba-Messages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Messages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces Messages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Messages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "Messages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Messages-threshold-Override_'), field('tags._amba-Messages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json b/services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json new file mode 100644 index 000000000..3b2a72470 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/NamespaceCpuUsage_52ec94f5-0d89-434b-9d51-df92d69ba284.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "52ec94f5-0d89-434b-9d51-df92d69ba284", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces NamespaceCpuUsage Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces NamespaceCpuUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "85" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceCpuUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceCpuUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces NamespaceCpuUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceCpuUsage", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "NamespaceCpuUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceCpuUsage-threshold-Override_'), field('tags._amba-NamespaceCpuUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json b/services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json new file mode 100644 index 000000000..f46a6c9fa --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/NamespaceMemoryUsage_860d21ea-8c6a-4c78-ac40-f556eb02c3ac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "860d21ea-8c6a-4c78-ac40-f556eb02c3ac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces NamespaceMemoryUsage Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces NamespaceMemoryUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "NamespaceMemoryUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-NamespaceMemoryUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces NamespaceMemoryUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "NamespaceMemoryUsage", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "NamespaceMemoryUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-NamespaceMemoryUsage-threshold-Override_'), field('tags._amba-NamespaceMemoryUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json b/services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json new file mode 100644 index 000000000..f108336d0 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/OutgoingMessages_fdde6805-edf8-4277-adb8-ad2f44e3f977.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fdde6805-edf8-4277-adb8-ad2f44e3f977", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces OutgoingMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces OutgoingMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutgoingMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutgoingMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces OutgoingMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutgoingMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "OutgoingMessages", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutgoingMessages-threshold-Override_'), field('tags._amba-OutgoingMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json b/services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json new file mode 100644 index 000000000..3b5c02217 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ScheduledMessages_5543b815-f2c8-420e-847e-7507a9724557.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5543b815-f2c8-420e-847e-7507a9724557", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ScheduledMessages Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ScheduledMessages Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ScheduledMessages" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ScheduledMessages-threshold-Override_'), field('tags._amba-ScheduledMessages-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ScheduledMessages')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ScheduledMessages", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ScheduledMessages", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ScheduledMessages", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ScheduledMessages-threshold-Override_'), field('tags._amba-ScheduledMessages-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json b/services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json new file mode 100644 index 000000000..882db5a26 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ServerErrors_c51c3514-1730-42f3-b8ae-f2980bd22d83.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c51c3514-1730-42f3-b8ae-f2980bd22d83", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ServerErrors Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ServerErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ServerErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerErrors", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ServerErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerErrors-threshold-Override_'), field('tags._amba-ServerErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json b/services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json new file mode 100644 index 000000000..2f6a50163 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ServerSendLatency_487c6beb-1468-4167-8eb6-e9b3ad8743b1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "487c6beb-1468-4167-8eb6-e9b3ad8743b1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ServerSendLatency Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ServerSendLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerSendLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerSendLatency-threshold-Override_'), field('tags._amba-ServerSendLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerSendLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ServerSendLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerSendLatency", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ServerSendLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerSendLatency-threshold-Override_'), field('tags._amba-ServerSendLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json b/services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json new file mode 100644 index 000000000..71cff27aa --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/Size_950586ee-6926-4483-96d4-82838afe1ca6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "950586ee-6926-4483-96d4-82838afe1ca6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces Size Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces Size Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Size" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Size-threshold-Override_'), field('tags._amba-Size-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Size')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces Size", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Size", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "Size", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Size-threshold-Override_'), field('tags._amba-Size-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json b/services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json new file mode 100644 index 000000000..06118eef2 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/ThrottledRequests_19785707-24c9-4852-b92a-31732b86ee04.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "19785707-24c9-4852-b92a-31732b86ee04", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces ThrottledRequests Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces ThrottledRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ThrottledRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ThrottledRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces ThrottledRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ThrottledRequests", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "ThrottledRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ThrottledRequests-threshold-Override_'), field('tags._amba-ThrottledRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json b/services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json new file mode 100644 index 000000000..c1c7cf079 --- /dev/null +++ b/services/ServiceBus/namespaces/templates/policy/UserErrors_a57a1cc4-4ec9-4d8f-a81d-7e18afe54948.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a57a1cc4-4ec9-4d8f-a81d-7e18afe54948", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy ServiceBus namespaces UserErrors Alert", + "description": "Policy to Audit/Deploy ServiceBus namespaces UserErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "ServiceBus", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.ServiceBus/namespaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UserErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.ServiceBus/namespaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UserErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ServiceBus namespaces UserErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UserErrors", + "metricNamespace": "Microsoft.ServiceBus/namespaces", + "metricName": "UserErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UserErrors-threshold-Override_'), field('tags._amba-UserErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json b/services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json new file mode 100644 index 000000000..297324ebf --- /dev/null +++ b/services/SignalRService/SignalR/templates/policy/ConnectionCount_b7581df7-f127-405e-9408-9d484122be74.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b7581df7-f127-405e-9408-9d484122be74", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SignalRService SignalR ConnectionCount Alert", + "description": "Policy to Audit/Deploy SignalRService SignalR ConnectionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "SignalRService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "900" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ConnectionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.SignalRService/SignalR/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ConnectionCount-threshold-Override_'), field('tags._amba-ConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ConnectionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for SignalRService SignalR ConnectionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ConnectionCount", + "metricNamespace": "Microsoft.SignalRService/SignalR", + "metricName": "ConnectionCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ConnectionCount-threshold-Override_'), field('tags._amba-ConnectionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json b/services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json new file mode 100644 index 000000000..1ec1b7c29 --- /dev/null +++ b/services/SignalRService/SignalR/templates/policy/ConnectionQuotaUtilization_c7567682-8723-4426-8c27-848a9cc634d0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c7567682-8723-4426-8c27-848a9cc634d0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SignalRService SignalR ConnectionQuotaUtilization Alert", + "description": "Policy to Audit/Deploy SignalRService SignalR ConnectionQuotaUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "SignalRService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ConnectionQuotaUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.SignalRService/SignalR/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ConnectionQuotaUtilization-threshold-Override_'), field('tags._amba-ConnectionQuotaUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ConnectionQuotaUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for SignalRService SignalR ConnectionQuotaUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ConnectionQuotaUtilization", + "metricNamespace": "Microsoft.SignalRService/SignalR", + "metricName": "ConnectionQuotaUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ConnectionQuotaUtilization-threshold-Override_'), field('tags._amba-ConnectionQuotaUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json b/services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json new file mode 100644 index 000000000..c7fdda841 --- /dev/null +++ b/services/SignalRService/SignalR/templates/policy/SystemErrors_58f62f20-b9ba-472c-a2a4-37b53ed3e21d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "58f62f20-b9ba-472c-a2a4-37b53ed3e21d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SignalRService SignalR SystemErrors Alert", + "description": "Policy to Audit/Deploy SignalRService SignalR SystemErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "SignalRService", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.SignalRService/SignalR" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SystemErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.SignalRService/SignalR/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SystemErrors-threshold-Override_'), field('tags._amba-SystemErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SystemErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for SignalRService SignalR SystemErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SystemErrors", + "metricNamespace": "Microsoft.SignalRService/SignalR", + "metricName": "SystemErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SystemErrors-threshold-Override_'), field('tags._amba-SystemErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json b/services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json new file mode 100644 index 000000000..7e92a6243 --- /dev/null +++ b/services/Sql/managedInstances/templates/policy/avg_cpu_percent_dfd37715-0d5c-4ec5-98ae-836cd626a27f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dfd37715-0d5c-4ec5-98ae-836cd626a27f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql managedInstances avg_cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql managedInstances avg_cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "avg_cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/managedInstances/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-avg_cpu_percent-threshold-Override_'), field('tags._amba-avg_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-avg_cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql managedInstances avg_cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "avg_cpu_percent", + "metricNamespace": "Microsoft.Sql/managedInstances", + "metricName": "avg_cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-avg_cpu_percent-threshold-Override_'), field('tags._amba-avg_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json b/services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json new file mode 100644 index 000000000..5ce7752a3 --- /dev/null +++ b/services/Sql/managedInstances/templates/policy/storage_space_used_mb_641ca3dc-a00f-43ac-b6bd-4f5d16f35cac.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "641ca3dc-a00f-43ac-b6bd-4f5d16f35cac", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql managedInstances storage_space_used_mb Alert", + "description": "Policy to Audit/Deploy Sql managedInstances storage_space_used_mb Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/managedInstances" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_space_used_mb" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/managedInstances/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_space_used_mb-threshold-Override_'), field('tags._amba-storage_space_used_mb-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_space_used_mb')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql managedInstances storage_space_used_mb", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_space_used_mb", + "metricNamespace": "Microsoft.Sql/managedInstances", + "metricName": "storage_space_used_mb", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_space_used_mb-threshold-Override_'), field('tags._amba-storage_space_used_mb-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json b/services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json new file mode 100644 index 000000000..f5277a5f2 --- /dev/null +++ b/services/Sql/servers/templates/policy/allocated_data_storage_3743016a-a056-43fe-b53a-36dd9a17626d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3743016a-a056-43fe-b53a-36dd9a17626d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools allocated_data_storage Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools allocated_data_storage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "225000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allocated_data_storage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allocated_data_storage-threshold-Override_'), field('tags._amba-allocated_data_storage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allocated_data_storage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools allocated_data_storage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allocated_data_storage", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "allocated_data_storage", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allocated_data_storage-threshold-Override_'), field('tags._amba-allocated_data_storage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json b/services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json new file mode 100644 index 000000000..9e1a2bdb3 --- /dev/null +++ b/services/Sql/servers/templates/policy/allocated_data_storage_percent_7e9d0710-3243-4cf2-8b73-6be1539b8545.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7e9d0710-3243-4cf2-8b73-6be1539b8545", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools allocated_data_storage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools allocated_data_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "allocated_data_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-allocated_data_storage_percent-threshold-Override_'), field('tags._amba-allocated_data_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-allocated_data_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools allocated_data_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "allocated_data_storage_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "allocated_data_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-allocated_data_storage_percent-threshold-Override_'), field('tags._amba-allocated_data_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json b/services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json new file mode 100644 index 000000000..befeebc66 --- /dev/null +++ b/services/Sql/servers/templates/policy/app_cpu_percent_05591510-5fe2-454a-96d8-bbda8201c6a4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "05591510-5fe2-454a-96d8-bbda8201c6a4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases app_cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases app_cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "app_cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-app_cpu_percent-threshold-Override_'), field('tags._amba-app_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-app_cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases app_cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "app_cpu_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "app_cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-app_cpu_percent-threshold-Override_'), field('tags._amba-app_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json b/services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json new file mode 100644 index 000000000..8d13090dc --- /dev/null +++ b/services/Sql/servers/templates/policy/app_memory_percent_c5c95fe9-a4b4-4afa-a07a-a0d18804d416.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c5c95fe9-a4b4-4afa-a07a-a0d18804d416", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases app_memory_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases app_memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "app_memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-app_memory_percent-threshold-Override_'), field('tags._amba-app_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-app_memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases app_memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "app_memory_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "app_memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-app_memory_percent-threshold-Override_'), field('tags._amba-app_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json b/services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json new file mode 100644 index 000000000..578d38fcb --- /dev/null +++ b/services/Sql/servers/templates/policy/blocked_by_firewall_2cda2f3a-8657-431a-a50f-56835aea9a81.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2cda2f3a-8657-431a-a50f-56835aea9a81", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases blocked_by_firewall Alert", + "description": "Policy to Audit/Deploy Sql servers databases blocked_by_firewall Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "blocked_by_firewall" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-blocked_by_firewall-threshold-Override_'), field('tags._amba-blocked_by_firewall-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-blocked_by_firewall')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases blocked_by_firewall", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "blocked_by_firewall", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "blocked_by_firewall", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-blocked_by_firewall-threshold-Override_'), field('tags._amba-blocked_by_firewall-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json b/services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json new file mode 100644 index 000000000..7cdfe4b8f --- /dev/null +++ b/services/Sql/servers/templates/policy/connection_failed_7157dc17-9d5a-4835-a122-1d0d904d61ff.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7157dc17-9d5a-4835-a122-1d0d904d61ff", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases connection_failed Alert", + "description": "Policy to Audit/Deploy Sql servers databases connection_failed Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connection_failed" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connection_failed-threshold-Override_'), field('tags._amba-connection_failed-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connection_failed')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases connection_failed", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connection_failed", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "connection_failed", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connection_failed-threshold-Override_'), field('tags._amba-connection_failed-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json b/services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json new file mode 100644 index 000000000..ac14532cf --- /dev/null +++ b/services/Sql/servers/templates/policy/connection_failed_user_error_d528ffcb-3a99-4356-96d1-981499139ffb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d528ffcb-3a99-4356-96d1-981499139ffb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases connection_failed_user_error Alert", + "description": "Policy to Audit/Deploy Sql servers databases connection_failed_user_error Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connection_failed_user_error" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-connection_failed_user_error-threshold-Override_'), field('tags._amba-connection_failed_user_error-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connection_failed_user_error')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases connection_failed_user_error", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connection_failed_user_error", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "connection_failed_user_error", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-connection_failed_user_error-threshold-Override_'), field('tags._amba-connection_failed_user_error-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json b/services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json new file mode 100644 index 000000000..0f3625abe --- /dev/null +++ b/services/Sql/servers/templates/policy/connection_successful_460b6b29-a602-4409-b748-6b47b232a984.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "460b6b29-a602-4409-b748-6b47b232a984", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases connection_successful Alert", + "description": "Policy to Audit/Deploy Sql servers databases connection_successful Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "connection_successful" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 5 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 5 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-connection_successful')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases connection_successful", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "connection_successful", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "connection_successful", + "operator": "LessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 5, + "numberOfEvaluationPeriods": 5 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json b/services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json new file mode 100644 index 000000000..060e0aadc --- /dev/null +++ b/services/Sql/servers/templates/policy/cpu_percent_805c4ae5-a852-43bd-ad1c-0f7f381d8f32.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "805c4ae5-a852-43bd-ad1c-0f7f381d8f32", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_percent-threshold-Override_'), field('tags._amba-cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json b/services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json new file mode 100644 index 000000000..adcb3b085 --- /dev/null +++ b/services/Sql/servers/templates/policy/cpu_used_3ddd3f95-989c-4777-b6b8-728439aae1df.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3ddd3f95-989c-4777-b6b8-728439aae1df", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases cpu_used Alert", + "description": "Policy to Audit/Deploy Sql servers databases cpu_used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "cpu_used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-cpu_used-threshold-Override_'), field('tags._amba-cpu_used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-cpu_used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases cpu_used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "cpu_used", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "cpu_used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-cpu_used-threshold-Override_'), field('tags._amba-cpu_used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json b/services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json new file mode 100644 index 000000000..e7fd36b35 --- /dev/null +++ b/services/Sql/servers/templates/policy/deadlock_ce44fc81-3610-4165-a107-9dd4b8ab3972.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ce44fc81-3610-4165-a107-9dd4b8ab3972", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases deadlock Alert", + "description": "Policy to Audit/Deploy Sql servers databases deadlock Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "deadlock" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-deadlock-threshold-Override_'), field('tags._amba-deadlock-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-deadlock')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases deadlock", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "deadlock", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "deadlock", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-deadlock-threshold-Override_'), field('tags._amba-deadlock-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json b/services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json new file mode 100644 index 000000000..0b30457ce --- /dev/null +++ b/services/Sql/servers/templates/policy/dtu_consumption_percent_5d9075b5-3c19-4cf6-9c2e-50ba4c175691.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5d9075b5-3c19-4cf6-9c2e-50ba4c175691", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools dtu_consumption_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools dtu_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dtu_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dtu_consumption_percent-threshold-Override_'), field('tags._amba-dtu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dtu_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools dtu_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dtu_consumption_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "dtu_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dtu_consumption_percent-threshold-Override_'), field('tags._amba-dtu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json b/services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json new file mode 100644 index 000000000..a86128aba --- /dev/null +++ b/services/Sql/servers/templates/policy/dtu_limit_50124594-a291-4183-a8e3-195f5e6f5204.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "50124594-a291-4183-a8e3-195f5e6f5204", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases dtu_limit Alert", + "description": "Policy to Audit/Deploy Sql servers databases dtu_limit Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dtu_limit" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dtu_limit-threshold-Override_'), field('tags._amba-dtu_limit-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dtu_limit')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases dtu_limit", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dtu_limit", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "dtu_limit", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dtu_limit-threshold-Override_'), field('tags._amba-dtu_limit-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json b/services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json new file mode 100644 index 000000000..47ce684b4 --- /dev/null +++ b/services/Sql/servers/templates/policy/dtu_used_d26f4c8b-0461-4c57-b230-cbd1a5424db1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d26f4c8b-0461-4c57-b230-cbd1a5424db1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases dtu_used Alert", + "description": "Policy to Audit/Deploy Sql servers databases dtu_used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dtu_used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dtu_used-threshold-Override_'), field('tags._amba-dtu_used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dtu_used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases dtu_used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dtu_used", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "dtu_used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dtu_used-threshold-Override_'), field('tags._amba-dtu_used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json b/services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json new file mode 100644 index 000000000..b4d3aa8d2 --- /dev/null +++ b/services/Sql/servers/templates/policy/dwu_consumption_percent_70f88865-7a8b-4e03-9252-a9369df503ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "70f88865-7a8b-4e03-9252-a9369df503ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases dwu_consumption_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases dwu_consumption_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "dwu_consumption_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-dwu_consumption_percent-threshold-Override_'), field('tags._amba-dwu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-dwu_consumption_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases dwu_consumption_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "dwu_consumption_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "dwu_consumption_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-dwu_consumption_percent-threshold-Override_'), field('tags._amba-dwu_consumption_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json b/services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json new file mode 100644 index 000000000..460a752cc --- /dev/null +++ b/services/Sql/servers/templates/policy/eDTU_used_16a64053-1905-4d8e-8198-810584cad108.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "16a64053-1905-4d8e-8198-810584cad108", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools eDTU_used Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools eDTU_used Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "eDTU_used" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-eDTU_used-threshold-Override_'), field('tags._amba-eDTU_used-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-eDTU_used')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools eDTU_used", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "eDTU_used", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "eDTU_used", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-eDTU_used-threshold-Override_'), field('tags._amba-eDTU_used-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json b/services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json new file mode 100644 index 000000000..0ed9ca88c --- /dev/null +++ b/services/Sql/servers/templates/policy/log_write_percent_47cd814e-1991-437e-8feb-e589a250d2a3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "47cd814e-1991-437e-8feb-e589a250d2a3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools log_write_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools log_write_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "log_write_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-log_write_percent-threshold-Override_'), field('tags._amba-log_write_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-log_write_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools log_write_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "log_write_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "log_write_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-log_write_percent-threshold-Override_'), field('tags._amba-log_write_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json b/services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json new file mode 100644 index 000000000..3063bad8e --- /dev/null +++ b/services/Sql/servers/templates/policy/memory_usage_percent_f5c13b49-8528-457d-9d7d-083b8433bf96.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f5c13b49-8528-457d-9d7d-083b8433bf96", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases memory_usage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases memory_usage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "memory_usage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-memory_usage_percent-threshold-Override_'), field('tags._amba-memory_usage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-memory_usage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases memory_usage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "memory_usage_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "memory_usage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-memory_usage_percent-threshold-Override_'), field('tags._amba-memory_usage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json b/services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json new file mode 100644 index 000000000..1389398ef --- /dev/null +++ b/services/Sql/servers/templates/policy/physical_data_read_percent_92efc2ea-b6ed-41aa-921c-6d40e7b58c27.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "92efc2ea-b6ed-41aa-921c-6d40e7b58c27", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools physical_data_read_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools physical_data_read_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "physical_data_read_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-physical_data_read_percent-threshold-Override_'), field('tags._amba-physical_data_read_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-physical_data_read_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools physical_data_read_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "physical_data_read_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "physical_data_read_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-physical_data_read_percent-threshold-Override_'), field('tags._amba-physical_data_read_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json b/services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json new file mode 100644 index 000000000..36c9c4921 --- /dev/null +++ b/services/Sql/servers/templates/policy/sessions_count_07eeae07-010e-47ca-ad90-fa7adb5a6c52.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "07eeae07-010e-47ca-ad90-fa7adb5a6c52", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases sessions_count Alert", + "description": "Policy to Audit/Deploy Sql servers databases sessions_count Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0.5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sessions_count" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sessions_count-threshold-Override_'), field('tags._amba-sessions_count-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sessions_count')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases sessions_count", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sessions_count", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "sessions_count", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sessions_count-threshold-Override_'), field('tags._amba-sessions_count-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json b/services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json new file mode 100644 index 000000000..c1cd4491a --- /dev/null +++ b/services/Sql/servers/templates/policy/sessions_percent_6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6b2e0ce9-d1b8-4061-b3ce-c39f9c5c1763", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools sessions_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools sessions_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sessions_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sessions_percent-threshold-Override_'), field('tags._amba-sessions_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sessions_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools sessions_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sessions_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "sessions_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sessions_percent-threshold-Override_'), field('tags._amba-sessions_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json b/services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json new file mode 100644 index 000000000..445175bde --- /dev/null +++ b/services/Sql/servers/templates/policy/sql_instance_cpu_percent_1a8132b9-fbd2-4ac5-9e08-96358e16b7f7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1a8132b9-fbd2-4ac5-9e08-96358e16b7f7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases sql_instance_cpu_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases sql_instance_cpu_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "70" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sql_instance_cpu_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sql_instance_cpu_percent-threshold-Override_'), field('tags._amba-sql_instance_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sql_instance_cpu_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases sql_instance_cpu_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sql_instance_cpu_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "sql_instance_cpu_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sql_instance_cpu_percent-threshold-Override_'), field('tags._amba-sql_instance_cpu_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json b/services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json new file mode 100644 index 000000000..0b4d08f43 --- /dev/null +++ b/services/Sql/servers/templates/policy/sql_instance_memory_percent_f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f44a3cb0-6e99-4a5e-a691-c5d7d5bf7e64", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases sql_instance_memory_percent Alert", + "description": "Policy to Audit/Deploy Sql servers databases sql_instance_memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sql_instance_memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sql_instance_memory_percent-threshold-Override_'), field('tags._amba-sql_instance_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sql_instance_memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases sql_instance_memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sql_instance_memory_percent", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "sql_instance_memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sql_instance_memory_percent-threshold-Override_'), field('tags._amba-sql_instance_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json b/services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json new file mode 100644 index 000000000..476a72e6f --- /dev/null +++ b/services/Sql/servers/templates/policy/sqlserver_process_core_percent_73ec4301-872a-4bea-928e-420255aae8cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "73ec4301-872a-4bea-928e-420255aae8cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools sqlserver_process_core_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools sqlserver_process_core_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "95" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sqlserver_process_core_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sqlserver_process_core_percent-threshold-Override_'), field('tags._amba-sqlserver_process_core_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sqlserver_process_core_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools sqlserver_process_core_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sqlserver_process_core_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "sqlserver_process_core_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sqlserver_process_core_percent-threshold-Override_'), field('tags._amba-sqlserver_process_core_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json b/services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json new file mode 100644 index 000000000..f95b91caa --- /dev/null +++ b/services/Sql/servers/templates/policy/sqlserver_process_memory_percent_fa056aaf-57c4-4abe-9bc5-23ba413a1f5b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fa056aaf-57c4-4abe-9bc5-23ba413a1f5b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools sqlserver_process_memory_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools sqlserver_process_memory_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "sqlserver_process_memory_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-sqlserver_process_memory_percent-threshold-Override_'), field('tags._amba-sqlserver_process_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-sqlserver_process_memory_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools sqlserver_process_memory_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "sqlserver_process_memory_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "sqlserver_process_memory_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-sqlserver_process_memory_percent-threshold-Override_'), field('tags._amba-sqlserver_process_memory_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json b/services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json new file mode 100644 index 000000000..b782ca4ce --- /dev/null +++ b/services/Sql/servers/templates/policy/storage_86922a27-41bb-4834-bc54-0b602b275597.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "86922a27-41bb-4834-bc54-0b602b275597", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases storage Alert", + "description": "Policy to Audit/Deploy Sql servers databases storage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "934584883610" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage-threshold-Override_'), field('tags._amba-storage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases storage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "storage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage-threshold-Override_'), field('tags._amba-storage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json b/services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json new file mode 100644 index 000000000..8da023875 --- /dev/null +++ b/services/Sql/servers/templates/policy/storage_percent_88f3cbc0-bcfb-482f-b6f4-709a335afcad.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "88f3cbc0-bcfb-482f-b6f4-709a335afcad", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools storage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "storage_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-storage_percent-threshold-Override_'), field('tags._amba-storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json b/services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json new file mode 100644 index 000000000..b35edcd68 --- /dev/null +++ b/services/Sql/servers/templates/policy/tempdb_data_size_0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0fe27fd1-e4f7-48c1-bbd2-a6953755d5e8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers databases tempdb_data_size Alert", + "description": "Policy to Audit/Deploy Sql servers databases tempdb_data_size Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/databases" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "tempdb_data_size" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/databases/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-tempdb_data_size-threshold-Override_'), field('tags._amba-tempdb_data_size-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-tempdb_data_size')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers databases tempdb_data_size", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "tempdb_data_size", + "metricNamespace": "Microsoft.Sql/servers/databases", + "metricName": "tempdb_data_size", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-tempdb_data_size-threshold-Override_'), field('tags._amba-tempdb_data_size-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json b/services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json new file mode 100644 index 000000000..5661ef7a5 --- /dev/null +++ b/services/Sql/servers/templates/policy/tempdb_log_used_percent_af66de51-079c-4d34-af92-f52f887642dc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "af66de51-079c-4d34-af92-f52f887642dc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools tempdb_log_used_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools tempdb_log_used_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "tempdb_log_used_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-tempdb_log_used_percent-threshold-Override_'), field('tags._amba-tempdb_log_used_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-tempdb_log_used_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools tempdb_log_used_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "tempdb_log_used_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "tempdb_log_used_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-tempdb_log_used_percent-threshold-Override_'), field('tags._amba-tempdb_log_used_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json b/services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json new file mode 100644 index 000000000..2f10653cf --- /dev/null +++ b/services/Sql/servers/templates/policy/workers_percent_1b37038e-6e5c-4463-97d4-8a632251d70e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1b37038e-6e5c-4463-97d4-8a632251d70e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools workers_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools workers_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "workers_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-workers_percent-threshold-Override_'), field('tags._amba-workers_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-workers_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools workers_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "workers_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "workers_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-workers_percent-threshold-Override_'), field('tags._amba-workers_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json b/services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json new file mode 100644 index 000000000..7e8c2a3a7 --- /dev/null +++ b/services/Sql/servers/templates/policy/xtp_storage_percent_db517009-30ad-4cbc-b282-7f212052c3b4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "db517009-30ad-4cbc-b282-7f212052c3b4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Sql servers elasticpools xtp_storage_percent Alert", + "description": "Policy to Audit/Deploy Sql servers elasticpools xtp_storage_percent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Sql", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Sql/servers/elasticpools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "xtp_storage_percent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Sql/servers/elasticpools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-xtp_storage_percent-threshold-Override_'), field('tags._amba-xtp_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-xtp_storage_percent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Sql servers elasticpools xtp_storage_percent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "xtp_storage_percent", + "metricNamespace": "Microsoft.Sql/servers/elasticpools", + "metricName": "xtp_storage_percent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-xtp_storage_percent-threshold-Override_'), field('tags._amba-xtp_storage_percent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json b/services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json new file mode 100644 index 000000000..6a485ad80 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Availability_45fef979-c27e-425a-a6c3-e5bd28b1eb86.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "45fef979-c27e-425a-a6c3-e5bd28b1eb86", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices Availability Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99.9" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Availability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Availability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices Availability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Availability", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "Availability", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json b/services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json new file mode 100644 index 000000000..2eb8cca23 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Availability_b1a4849b-78a8-437f-8113-7c6f2dc34927.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b1a4849b-78a8-437f-8113-7c6f2dc34927", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SA Availability Alert", + "description": "Policy to Audit/Deploy SA Availability Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Availability" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Availability')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts Availability", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Availability", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "Availability", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json b/services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json new file mode 100644 index 000000000..b9770a7cc --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/BlobCapacity_8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8c0aaea9-bcce-4c27-a090-ffe54b7e1d1c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices BlobCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices BlobCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "107374182400" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlobCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlobCapacity-threshold-Override_'), field('tags._amba-BlobCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlobCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices BlobCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlobCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "BlobCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlobCapacity-threshold-Override_'), field('tags._amba-BlobCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json b/services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json new file mode 100644 index 000000000..933086260 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/BlobCount_c4d93fac-a6b6-4731-a92a-c499b6fb2bcb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c4d93fac-a6b6-4731-a92a-c499b6fb2bcb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices BlobCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices BlobCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BlobCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BlobCount-threshold-Override_'), field('tags._amba-BlobCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BlobCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices BlobCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BlobCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "BlobCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BlobCount-threshold-Override_'), field('tags._amba-BlobCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json b/services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json new file mode 100644 index 000000000..d06c1c3fa --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Egress_eb186756-b63b-408a-bbaf-ac94c1010287.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb186756-b63b-408a-bbaf-ac94c1010287", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts Egress Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts Egress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Egress" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Egress-threshold-Override_'), field('tags._amba-Egress-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Egress')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts Egress", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Egress", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "Egress", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Egress-threshold-Override_'), field('tags._amba-Egress-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json b/services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json new file mode 100644 index 000000000..767460da4 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileCapacity_26e09eae-c784-4e8f-a225-d3f13efff76f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "26e09eae-c784-4e8f-a225-d3f13efff76f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "96636764160" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileCapacity-threshold-Override_'), field('tags._amba-FileCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileCapacity-threshold-Override_'), field('tags._amba-FileCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json b/services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json new file mode 100644 index 000000000..9caedd8a9 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileShareCapacityQuota_8660f357-83f9-4719-bdf3-bae57af2d967.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8660f357-83f9-4719-bdf3-bae57af2d967", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileShareCapacityQuota Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileShareCapacityQuota Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5222680231936" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileShareCapacityQuota" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileShareCapacityQuota-threshold-Override_'), field('tags._amba-FileShareCapacityQuota-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileShareCapacityQuota')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileShareCapacityQuota", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileShareCapacityQuota", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileShareCapacityQuota", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileShareCapacityQuota-threshold-Override_'), field('tags._amba-FileShareCapacityQuota-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json b/services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json new file mode 100644 index 000000000..c28a9f87c --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileShareCount_a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a4adc774-7ca4-4a4b-b2fa-514b9fcbbc80", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileShareCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileShareCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileShareCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileShareCount-threshold-Override_'), field('tags._amba-FileShareCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileShareCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileShareCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileShareCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileShareCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileShareCount-threshold-Override_'), field('tags._amba-FileShareCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json b/services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json new file mode 100644 index 000000000..c84e48f68 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/FileShareSnapshotCount_8cbe449d-9264-4ae1-8221-5d97989005a8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8cbe449d-9264-4ae1-8221-5d97989005a8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices FileShareSnapshotCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices FileShareSnapshotCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "190" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileShareSnapshotCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileShareSnapshotCount-threshold-Override_'), field('tags._amba-FileShareSnapshotCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileShareSnapshotCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices FileShareSnapshotCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileShareSnapshotCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "FileShareSnapshotCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileShareSnapshotCount-threshold-Override_'), field('tags._amba-FileShareSnapshotCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json b/services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json new file mode 100644 index 000000000..075e621b7 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Ingress_5d872cb4-7f71-4275-81eb-98c968c0cadd.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5d872cb4-7f71-4275-81eb-98c968c0cadd", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts Ingress Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts Ingress Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1073741824" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Ingress" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Ingress-threshold-Override_'), field('tags._amba-Ingress-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Ingress')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts Ingress", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Ingress", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "Ingress", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Ingress-threshold-Override_'), field('tags._amba-Ingress-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json b/services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json new file mode 100644 index 000000000..922093e30 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/QueueCapacity_7815fc6f-bfb1-4474-9ea6-05e1449a2ed5.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7815fc6f-bfb1-4474-9ea6-05e1449a2ed5", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts queueServices QueueCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts queueServices QueueCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "31457280" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueueCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/queueServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueueCapacity-threshold-Override_'), field('tags._amba-QueueCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueueCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts queueServices QueueCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueueCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts/queueServices", + "metricName": "QueueCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueueCapacity-threshold-Override_'), field('tags._amba-QueueCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json b/services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json new file mode 100644 index 000000000..5a3a7b077 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/QueueCount_f75dec98-78a3-4e42-954d-375fe3352857.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f75dec98-78a3-4e42-954d-375fe3352857", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts queueServices QueueCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts queueServices QueueCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueueCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/queueServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueueCount-threshold-Override_'), field('tags._amba-QueueCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueueCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts queueServices QueueCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueueCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/queueServices", + "metricName": "QueueCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueueCount-threshold-Override_'), field('tags._amba-QueueCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json b/services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json new file mode 100644 index 000000000..3bc7e4ce5 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/QueueMessageCount_34769aaa-5014-4ced-bb08-9fabfba3d959.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "34769aaa-5014-4ced-bb08-9fabfba3d959", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts queueServices QueueMessageCount Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts queueServices QueueMessageCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/queueServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "QueueMessageCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/queueServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-QueueMessageCount-threshold-Override_'), field('tags._amba-QueueMessageCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-QueueMessageCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts queueServices QueueMessageCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "QueueMessageCount", + "metricNamespace": "Microsoft.Storage/storageAccounts/queueServices", + "metricName": "QueueMessageCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-QueueMessageCount-threshold-Override_'), field('tags._amba-QueueMessageCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json b/services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json new file mode 100644 index 000000000..fd0f7964f --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/SuccessEELatency_0acc30dc-881d-46c9-b634-8cba507a263f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0acc30dc-881d-46c9-b634-8cba507a263f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices SuccessE2ELatency Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices SuccessE2ELatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessE2ELatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessE2ELatency-threshold-Override_'), field('tags._amba-SuccessE2ELatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessE2ELatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices SuccessE2ELatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessE2ELatency", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "SuccessE2ELatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessE2ELatency-threshold-Override_'), field('tags._amba-SuccessE2ELatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json b/services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json new file mode 100644 index 000000000..a932ca197 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/SuccessServerLatency_0a3689c7-b610-4c52-ae84-ab0640f3d6e4.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0a3689c7-b610-4c52-ae84-ab0640f3d6e4", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts blobServices SuccessServerLatency Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts blobServices SuccessServerLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/blobServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SuccessServerLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/blobServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SuccessServerLatency-threshold-Override_'), field('tags._amba-SuccessServerLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SuccessServerLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts blobServices SuccessServerLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SuccessServerLatency", + "metricNamespace": "Microsoft.Storage/storageAccounts/blobServices", + "metricName": "SuccessServerLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SuccessServerLatency-threshold-Override_'), field('tags._amba-SuccessServerLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json b/services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json new file mode 100644 index 000000000..c8e10661c --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Transactions_5e544473-d84f-427d-869d-9d982619e4cb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "5e544473-d84f-427d-869d-9d982619e4cb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy SA Throttling Alert", + "description": "Policy to Audit/Deploy SA Throttling Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Transactions" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Transactions')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices Transactions", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Transactions", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "Transactions", + "operator": "GreaterThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json b/services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json new file mode 100644 index 000000000..f0d6c4799 --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/Transactions_c81d3e6c-5539-42ad-a95f-9bba504d91f0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c81d3e6c-5539-42ad-a95f-9bba504d91f0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts fileServices Transactions Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts fileServices Transactions Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts/fileServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Transactions" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/fileServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Transactions')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts fileServices Transactions", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Transactions", + "metricNamespace": "Microsoft.Storage/storageAccounts/fileServices", + "metricName": "Transactions", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Transactions-threshold-Override_'), field('tags._amba-Transactions-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json b/services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json new file mode 100644 index 000000000..e113546cc --- /dev/null +++ b/services/Storage/storageAccounts/templates/policy/UsedCapacity_b663a689-6db8-467d-8b5d-8cd34afe4b0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b663a689-6db8-467d-8b5d-8cd34afe4b0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Storage storageAccounts UsedCapacity Alert", + "description": "Policy to Audit/Deploy Storage storageAccounts UsedCapacity Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Storage", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2251800000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Storage/storageAccounts" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "UsedCapacity" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-UsedCapacity-threshold-Override_'), field('tags._amba-UsedCapacity-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-UsedCapacity')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Storage storageAccounts UsedCapacity", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "UsedCapacity", + "metricNamespace": "Microsoft.Storage/storageAccounts", + "metricName": "UsedCapacity", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-UsedCapacity-threshold-Override_'), field('tags._amba-UsedCapacity-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json b/services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json new file mode 100644 index 000000000..63652816a --- /dev/null +++ b/services/StorageCache/AmlFilesystems/templates/policy/ClientIOPS_ff3df303-c3b0-449c-840d-68084707773e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ff3df303-c3b0-449c-840d-68084707773e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageCache amlFilesystems ClientIOPS Alert", + "description": "Policy to Audit/Deploy StorageCache amlFilesystems ClientIOPS Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageCache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ClientIOPS" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageCache/amlFilesystems/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ClientIOPS-threshold-Override_'), field('tags._amba-ClientIOPS-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ClientIOPS')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageCache amlFilesystems ClientIOPS", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ClientIOPS", + "metricNamespace": "Microsoft.StorageCache/amlFilesystems", + "metricName": "ClientIOPS", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ClientIOPS-threshold-Override_'), field('tags._amba-ClientIOPS-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json b/services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json new file mode 100644 index 000000000..a7a7bc583 --- /dev/null +++ b/services/StorageCache/AmlFilesystems/templates/policy/ClientLatency_31dead21-5454-41f0-9aab-faeabef89d67.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "31dead21-5454-41f0-9aab-faeabef89d67", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageCache amlFilesystems ClientLatency Alert", + "description": "Policy to Audit/Deploy StorageCache amlFilesystems ClientLatency Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageCache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageCache/amlFilesystems" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ClientLatency" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageCache/amlFilesystems/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ClientLatency-threshold-Override_'), field('tags._amba-ClientLatency-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ClientLatency')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageCache amlFilesystems ClientLatency", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ClientLatency", + "metricNamespace": "Microsoft.StorageCache/amlFilesystems", + "metricName": "ClientLatency", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ClientLatency-threshold-Override_'), field('tags._amba-ClientLatency-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json b/services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json new file mode 100644 index 000000000..c9d655f8f --- /dev/null +++ b/services/StorageCache/caches/templates/policy/Uptime_7f951991-c6ce-4c72-9f55-7eade2c4f57c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7f951991-c6ce-4c72-9f55-7eade2c4f57c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageCache caches Uptime Alert", + "description": "Policy to Audit/Deploy StorageCache caches Uptime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageCache", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "99" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageCache/caches" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageCache/caches" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Uptime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageCache/caches/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Uptime-threshold-Override_'), field('tags._amba-Uptime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Uptime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageCache caches Uptime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Uptime", + "metricNamespace": "Microsoft.StorageCache/caches", + "metricName": "Uptime", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Uptime-threshold-Override_'), field('tags._amba-Uptime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json b/services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json new file mode 100644 index 000000000..422ee8944 --- /dev/null +++ b/services/StorageSync/storageSyncServices/templates/policy/ServerSyncSessionResult_ea68cbf2-b8a6-4f47-afda-94cab9ce4622.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea68cbf2-b8a6-4f47-afda-94cab9ce4622", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageSync storageSyncServices ServerSyncSessionResult Alert", + "description": "Policy to Audit/Deploy StorageSync storageSyncServices ServerSyncSessionResult Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageSync", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "P1D" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ServerSyncSessionResult" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageSync/storageSyncServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ServerSyncSessionResult-threshold-Override_'), field('tags._amba-ServerSyncSessionResult-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ServerSyncSessionResult')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageSync storageSyncServices ServerSyncSessionResult", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ServerSyncSessionResult", + "metricNamespace": "Microsoft.StorageSync/storageSyncServices", + "metricName": "ServerSyncSessionResult", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ServerSyncSessionResult-threshold-Override_'), field('tags._amba-ServerSyncSessionResult-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json new file mode 100644 index 000000000..8ecc82610 --- /dev/null +++ b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncServerHeartbeat_eb627157-b9c8-4e8f-a00e-f9eb7df45c78.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "eb627157-b9c8-4e8f-a00e-f9eb7df45c78", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageSync storageSyncServices StorageSyncServerHeartbeat Alert", + "description": "Policy to Audit/Deploy StorageSync storageSyncServices StorageSyncServerHeartbeat Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageSync", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT30M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageSyncServerHeartbeat" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageSync/storageSyncServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageSyncServerHeartbeat-threshold-Override_'), field('tags._amba-StorageSyncServerHeartbeat-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageSyncServerHeartbeat')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageSync storageSyncServices StorageSyncServerHeartbeat", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageSyncServerHeartbeat", + "metricNamespace": "Microsoft.StorageSync/storageSyncServices", + "metricName": "StorageSyncServerHeartbeat", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageSyncServerHeartbeat-threshold-Override_'), field('tags._amba-StorageSyncServerHeartbeat-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json new file mode 100644 index 000000000..0fe1be4ef --- /dev/null +++ b/services/StorageSync/storageSyncServices/templates/policy/StorageSyncSyncSessionPerItemErrorsCount_0020bd6d-cd35-491e-9c71-f66bd64ed9a9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0020bd6d-cd35-491e-9c71-f66bd64ed9a9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StorageSync storageSyncServices StorageSyncSyncSessionPerItemErrorsCount Alert", + "description": "Policy to Audit/Deploy StorageSync storageSyncServices StorageSyncSyncSessionPerItemErrorsCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StorageSync", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StorageSync/storageSyncServices" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "StorageSyncSyncSessionPerItemErrorsCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StorageSync/storageSyncServices/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), field('tags._amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-StorageSyncSyncSessionPerItemErrorsCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StorageSync storageSyncServices StorageSyncSyncSessionPerItemErrorsCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "StorageSyncSyncSessionPerItemErrorsCount", + "metricNamespace": "Microsoft.StorageSync/storageSyncServices", + "metricName": "StorageSyncSyncSessionPerItemErrorsCount", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), field('tags._amba-StorageSyncSyncSessionPerItemErrorsCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json b/services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json new file mode 100644 index 000000000..af956e5e4 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/AMLCalloutFailedRequests_f0fa5804-9d5f-4e23-91c0-996c561585ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f0fa5804-9d5f-4e23-91c0-996c561585ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs AMLCalloutFailedRequests Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs AMLCalloutFailedRequests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AMLCalloutFailedRequests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AMLCalloutFailedRequests-threshold-Override_'), field('tags._amba-AMLCalloutFailedRequests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AMLCalloutFailedRequests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs AMLCalloutFailedRequests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AMLCalloutFailedRequests", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "AMLCalloutFailedRequests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AMLCalloutFailedRequests-threshold-Override_'), field('tags._amba-AMLCalloutFailedRequests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json b/services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json new file mode 100644 index 000000000..3e1662e8d --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/ConversionErrors_7d30aeb3-31e5-4742-aa7e-825c2a6af42a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7d30aeb3-31e5-4742-aa7e-825c2a6af42a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs ConversionErrors Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs ConversionErrors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ConversionErrors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ConversionErrors-threshold-Override_'), field('tags._amba-ConversionErrors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ConversionErrors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs ConversionErrors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ConversionErrors", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "ConversionErrors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ConversionErrors-threshold-Override_'), field('tags._amba-ConversionErrors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json b/services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json new file mode 100644 index 000000000..8e5d1d87b --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/DeserializationError_381221db-fd9a-4d65-a16f-63e7492b0a49.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "381221db-fd9a-4d65-a16f-63e7492b0a49", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs DeserializationError Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs DeserializationError Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DeserializationError" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DeserializationError-threshold-Override_'), field('tags._amba-DeserializationError-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DeserializationError')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs DeserializationError", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DeserializationError", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "DeserializationError", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DeserializationError-threshold-Override_'), field('tags._amba-DeserializationError-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json b/services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json new file mode 100644 index 000000000..28cec33ed --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/Errors_ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ebd9a9cf-7aa1-4c75-8b76-33f94e4bb8ef", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs Errors Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs Errors Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Errors" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Errors-threshold-Override_'), field('tags._amba-Errors-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Errors')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs Errors", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Errors", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "Errors", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Errors-threshold-Override_'), field('tags._amba-Errors-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json b/services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json new file mode 100644 index 000000000..9741b6f8f --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/InputEventsSourcesBacklogged_b46ef7a9-6597-4c4f-a5ca-9ca653e1b716.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b46ef7a9-6597-4c4f-a5ca-9ca653e1b716", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs InputEventsSourcesBacklogged Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs InputEventsSourcesBacklogged Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "InputEventsSourcesBacklogged" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-InputEventsSourcesBacklogged-threshold-Override_'), field('tags._amba-InputEventsSourcesBacklogged-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-InputEventsSourcesBacklogged')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs InputEventsSourcesBacklogged", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "InputEventsSourcesBacklogged", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "InputEventsSourcesBacklogged", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-InputEventsSourcesBacklogged-threshold-Override_'), field('tags._amba-InputEventsSourcesBacklogged-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json b/services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json new file mode 100644 index 000000000..0eb9fe14b --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/InputEvents_1dc8c746-4caf-4355-9d82-bdeaa1cf95bf.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1dc8c746-4caf-4355-9d82-bdeaa1cf95bf", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs InputEvents Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs InputEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "InputEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-InputEvents-threshold-Override_'), field('tags._amba-InputEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-InputEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs InputEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "InputEvents", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "InputEvents", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-InputEvents-threshold-Override_'), field('tags._amba-InputEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json b/services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json new file mode 100644 index 000000000..2c60a9735 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/OutputEvents_c0dbcbee-eefd-4ee4-bd25-48d42444c882.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c0dbcbee-eefd-4ee4-bd25-48d42444c882", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs OutputEvents Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs OutputEvents Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutputEvents" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutputEvents-threshold-Override_'), field('tags._amba-OutputEvents-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutputEvents')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs OutputEvents", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutputEvents", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "OutputEvents", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutputEvents-threshold-Override_'), field('tags._amba-OutputEvents-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json b/services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json new file mode 100644 index 000000000..45e9a32b4 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/OutputWatermarkDelaySeconds_289283c0-87ae-475f-b756-306783c7ec4d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "289283c0-87ae-475f-b756-306783c7ec4d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs OutputWatermarkDelaySeconds Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs OutputWatermarkDelaySeconds Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "3600" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "OutputWatermarkDelaySeconds" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-OutputWatermarkDelaySeconds-threshold-Override_'), field('tags._amba-OutputWatermarkDelaySeconds-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-OutputWatermarkDelaySeconds')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs OutputWatermarkDelaySeconds", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "OutputWatermarkDelaySeconds", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "OutputWatermarkDelaySeconds", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-OutputWatermarkDelaySeconds-threshold-Override_'), field('tags._amba-OutputWatermarkDelaySeconds-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json b/services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json new file mode 100644 index 000000000..28e32a751 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/ProcessCPUUsagePercentage_ea14eb56-238e-42b2-95ae-4d624d720d10.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ea14eb56-238e-42b2-95ae-4d624d720d10", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs ProcessCPUUsagePercentage Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs ProcessCPUUsagePercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ProcessCPUUsagePercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ProcessCPUUsagePercentage-threshold-Override_'), field('tags._amba-ProcessCPUUsagePercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ProcessCPUUsagePercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs ProcessCPUUsagePercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ProcessCPUUsagePercentage", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "ProcessCPUUsagePercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ProcessCPUUsagePercentage-threshold-Override_'), field('tags._amba-ProcessCPUUsagePercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json b/services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json new file mode 100644 index 000000000..35bb2cae2 --- /dev/null +++ b/services/StreamAnalytics/streamingjobs/templates/policy/ResourceUtilization_4f2ead64-7412-4695-9855-47f36ade6f7e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4f2ead64-7412-4695-9855-47f36ade6f7e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy StreamAnalytics streamingjobs ResourceUtilization Alert", + "description": "Policy to Audit/Deploy StreamAnalytics streamingjobs ResourceUtilization Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "StreamAnalytics", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.StreamAnalytics/streamingjobs" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "ResourceUtilization" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.StreamAnalytics/streamingjobs/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-ResourceUtilization-threshold-Override_'), field('tags._amba-ResourceUtilization-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-ResourceUtilization')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for StreamAnalytics streamingjobs ResourceUtilization", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "ResourceUtilization", + "metricNamespace": "Microsoft.StreamAnalytics/streamingjobs", + "metricName": "ResourceUtilization", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-ResourceUtilization-threshold-Override_'), field('tags._amba-ResourceUtilization-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json new file mode 100644 index 000000000..92737aa39 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolDataProcessedBytes_8e2a7c77-890c-49d5-aadd-052764135995.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8e2a7c77-890c-49d5-aadd-052764135995", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces BuiltinSqlPoolDataProcessedBytes Alert", + "description": "Policy to Audit/Deploy Synapse workspaces BuiltinSqlPoolDataProcessedBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "386547056640" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BuiltinSqlPoolDataProcessedBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), field('tags._amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BuiltinSqlPoolDataProcessedBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces BuiltinSqlPoolDataProcessedBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BuiltinSqlPoolDataProcessedBytes", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "BuiltinSqlPoolDataProcessedBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), field('tags._amba-BuiltinSqlPoolDataProcessedBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json new file mode 100644 index 000000000..12a845ed2 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/BuiltinSqlPoolLoginAttempts_6cf01e09-24d5-4097-bac1-1d39b0f577c8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "6cf01e09-24d5-4097-bac1-1d39b0f577c8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces BuiltinSqlPoolLoginAttempts Alert", + "description": "Policy to Audit/Deploy Synapse workspaces BuiltinSqlPoolLoginAttempts Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "360" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BuiltinSqlPoolLoginAttempts" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), field('tags._amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BuiltinSqlPoolLoginAttempts')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces BuiltinSqlPoolLoginAttempts", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BuiltinSqlPoolLoginAttempts", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "BuiltinSqlPoolLoginAttempts", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), field('tags._amba-BuiltinSqlPoolLoginAttempts-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json b/services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json new file mode 100644 index 000000000..a9bf3dd6d --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/CPUPercent_d8d1bc29-bfdb-48a5-89bd-7e34522d8085.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "d8d1bc29-bfdb-48a5-89bd-7e34522d8085", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces sqlPools CPUPercent Alert", + "description": "Policy to Audit/Deploy Synapse workspaces sqlPools CPUPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CPUPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/sqlPools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CPUPercent-threshold-Override_'), field('tags._amba-CPUPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CPUPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces sqlPools CPUPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CPUPercent", + "metricNamespace": "Microsoft.Synapse/workspaces/sqlPools", + "metricName": "CPUPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CPUPercent-threshold-Override_'), field('tags._amba-CPUPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json b/services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json new file mode 100644 index 000000000..1e201b881 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/DWUUsedPercent_64f41eaa-048f-4892-b80f-593e74ef4f84.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "64f41eaa-048f-4892-b80f-593e74ef4f84", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces sqlPools DWUUsedPercent Alert", + "description": "Policy to Audit/Deploy Synapse workspaces sqlPools DWUUsedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DWUUsedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/sqlPools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DWUUsedPercent-threshold-Override_'), field('tags._amba-DWUUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DWUUsedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces sqlPools DWUUsedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DWUUsedPercent", + "metricNamespace": "Microsoft.Synapse/workspaces/sqlPools", + "metricName": "DWUUsedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DWUUsedPercent-threshold-Override_'), field('tags._amba-DWUUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json b/services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json new file mode 100644 index 000000000..d175f1086 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/IntegrationActivityRunsEnded_21280a1a-d4e5-4ec3-83f5-f8d22ae0340a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "21280a1a-d4e5-4ec3-83f5-f8d22ae0340a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces IntegrationActivityRunsEnded Alert", + "description": "Policy to Audit/Deploy Synapse workspaces IntegrationActivityRunsEnded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "700" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationActivityRunsEnded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Count" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationActivityRunsEnded-threshold-Override_'), field('tags._amba-IntegrationActivityRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationActivityRunsEnded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces IntegrationActivityRunsEnded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationActivityRunsEnded", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "IntegrationActivityRunsEnded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Count", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationActivityRunsEnded-threshold-Override_'), field('tags._amba-IntegrationActivityRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json b/services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json new file mode 100644 index 000000000..53c8cbd38 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/IntegrationPipelineRunsEnded_16072e08-8ffb-48c9-afa9-fe2192b4513b.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "16072e08-8ffb-48c9-afa9-fe2192b4513b", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces IntegrationPipelineRunsEnded Alert", + "description": "Policy to Audit/Deploy Synapse workspaces IntegrationPipelineRunsEnded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationPipelineRunsEnded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationPipelineRunsEnded-threshold-Override_'), field('tags._amba-IntegrationPipelineRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationPipelineRunsEnded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces IntegrationPipelineRunsEnded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationPipelineRunsEnded", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "IntegrationPipelineRunsEnded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationPipelineRunsEnded-threshold-Override_'), field('tags._amba-IntegrationPipelineRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json b/services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json new file mode 100644 index 000000000..e269da12b --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/IntegrationTriggerRunsEnded_583c6484-b7a3-4908-b4d4-9a8b08d1edf9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "583c6484-b7a3-4908-b4d4-9a8b08d1edf9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces IntegrationTriggerRunsEnded Alert", + "description": "Policy to Audit/Deploy Synapse workspaces IntegrationTriggerRunsEnded Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "IntegrationTriggerRunsEnded" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-IntegrationTriggerRunsEnded-threshold-Override_'), field('tags._amba-IntegrationTriggerRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-IntegrationTriggerRunsEnded')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces IntegrationTriggerRunsEnded", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "IntegrationTriggerRunsEnded", + "metricNamespace": "Microsoft.Synapse/workspaces", + "metricName": "IntegrationTriggerRunsEnded", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-IntegrationTriggerRunsEnded-threshold-Override_'), field('tags._amba-IntegrationTriggerRunsEnded-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json b/services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json new file mode 100644 index 000000000..5dc717057 --- /dev/null +++ b/services/Synapse/workspaces/templates/policy/MemoryUsedPercent_4c4d35e8-fdd7-4951-8a71-7b9add69d337.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "4c4d35e8-fdd7-4951-8a71-7b9add69d337", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Synapse workspaces sqlPools MemoryUsedPercent Alert", + "description": "Policy to Audit/Deploy Synapse workspaces sqlPools MemoryUsedPercent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Synapse", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "80" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Synapse/workspaces/sqlPools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryUsedPercent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Synapse/workspaces/sqlPools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MemoryUsedPercent-threshold-Override_'), field('tags._amba-MemoryUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryUsedPercent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Synapse workspaces sqlPools MemoryUsedPercent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryUsedPercent", + "metricNamespace": "Microsoft.Synapse/workspaces/sqlPools", + "metricName": "MemoryUsedPercent", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MemoryUsedPercent-threshold-Override_'), field('tags._amba-MemoryUsedPercent-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json b/services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json new file mode 100644 index 000000000..010feadcb --- /dev/null +++ b/services/Web/hostingEnvironments/templates/policy/CpuPercentage_f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f6c1126c-48cf-499a-b0a2-e4fdd80cdf0e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web hostingEnvironments multiRolePools CpuPercentage Alert", + "description": "Policy to Audit/Deploy Web hostingEnvironments multiRolePools CpuPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "75" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/hostingEnvironments/multiRolePools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web hostingEnvironments multiRolePools CpuPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuPercentage", + "metricNamespace": "Microsoft.Web/hostingEnvironments/multiRolePools", + "metricName": "CpuPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json b/services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json new file mode 100644 index 000000000..f97d3a9eb --- /dev/null +++ b/services/Web/hostingEnvironments/templates/policy/HttpQueueLength_c7ad761f-19bf-4289-ab47-2721c6d387eb.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "c7ad761f-19bf-4289-ab47-2721c6d387eb", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web hostingEnvironments multiRolePools HttpQueueLength Alert", + "description": "Policy to Audit/Deploy Web hostingEnvironments multiRolePools HttpQueueLength Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/hostingEnvironments/multiRolePools" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HttpQueueLength" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/hostingEnvironments/multiRolePools/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HttpQueueLength')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web hostingEnvironments multiRolePools HttpQueueLength", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HttpQueueLength", + "metricNamespace": "Microsoft.Web/hostingEnvironments/multiRolePools", + "metricName": "HttpQueueLength", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json b/services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json new file mode 100644 index 000000000..26239b4aa --- /dev/null +++ b/services/Web/serverFarms/templates/policy/BytesReceived_7bdc68c3-7679-482d-82e4-92a8229db9d7.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "7bdc68c3-7679-482d-82e4-92a8229db9d7", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms BytesReceived Alert", + "description": "Policy to Audit/Deploy Web serverFarms BytesReceived Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesReceived" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesReceived')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms BytesReceived", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesReceived", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "BytesReceived", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json b/services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json new file mode 100644 index 000000000..3b450a896 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/BytesSent_520cc4d4-2caa-42df-b8b7-86dbc4786ce6.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "520cc4d4-2caa-42df-b8b7-86dbc4786ce6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms BytesSent Alert", + "description": "Policy to Audit/Deploy Web serverFarms BytesSent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesSent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesSent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms BytesSent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesSent", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "BytesSent", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Total", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json b/services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json new file mode 100644 index 000000000..43131cc01 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/CpuPercentage_8748b7d6-ef2a-4548-bf8e-dc6eecd2a651.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8748b7d6-ef2a-4548-bf8e-dc6eecd2a651", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms CpuPercentage Alert", + "description": "Policy to Audit/Deploy Web serverFarms CpuPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms CpuPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuPercentage", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "CpuPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json b/services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json new file mode 100644 index 000000000..b9e7cae0a --- /dev/null +++ b/services/Web/serverFarms/templates/policy/DiskQueueLength_14dbacac-2559-4537-9be9-7d08bdd0888d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "14dbacac-2559-4537-9be9-7d08bdd0888d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms DiskQueueLength Alert", + "description": "Policy to Audit/Deploy Web serverFarms DiskQueueLength Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "DiskQueueLength" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-DiskQueueLength-threshold-Override_'), field('tags._amba-DiskQueueLength-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-DiskQueueLength')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms DiskQueueLength", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "DiskQueueLength", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "DiskQueueLength", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-DiskQueueLength-threshold-Override_'), field('tags._amba-DiskQueueLength-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json b/services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json new file mode 100644 index 000000000..545273064 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/HttpQueueLength_e85efb6a-239a-41e0-8cdd-b1792c41ec41.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e85efb6a-239a-41e0-8cdd-b1792c41ec41", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms HttpQueueLength Alert", + "description": "Policy to Audit/Deploy Web serverFarms HttpQueueLength Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HttpQueueLength" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HttpQueueLength')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms HttpQueueLength", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HttpQueueLength", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "HttpQueueLength", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HttpQueueLength-threshold-Override_'), field('tags._amba-HttpQueueLength-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json b/services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json new file mode 100644 index 000000000..ec2770bb3 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/MemoryPercentage_b87ecc60-7558-4cb4-8ef9-3185c4c19579.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b87ecc60-7558-4cb4-8ef9-3185c4c19579", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms MemoryPercentage Alert", + "description": "Policy to Audit/Deploy Web serverFarms MemoryPercentage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "90" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryPercentage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MemoryPercentage-threshold-Override_'), field('tags._amba-MemoryPercentage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryPercentage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms MemoryPercentage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryPercentage", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "MemoryPercentage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MemoryPercentage-threshold-Override_'), field('tags._amba-MemoryPercentage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json b/services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json new file mode 100644 index 000000000..5f8ca5367 --- /dev/null +++ b/services/Web/serverFarms/templates/policy/SocketOutboundAll_96257455-b2cf-4f35-9c64-00eea637471a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "96257455-b2cf-4f35-9c64-00eea637471a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms SocketOutboundAll Alert", + "description": "Policy to Audit/Deploy Web serverFarms SocketOutboundAll Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "SocketOutboundAll" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-SocketOutboundAll-threshold-Override_'), field('tags._amba-SocketOutboundAll-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-SocketOutboundAll')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms SocketOutboundAll", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "SocketOutboundAll", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "SocketOutboundAll", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-SocketOutboundAll-threshold-Override_'), field('tags._amba-SocketOutboundAll-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json b/services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json new file mode 100644 index 000000000..6d5f6b36f --- /dev/null +++ b/services/Web/serverFarms/templates/policy/TcpEstablished_f03350e9-f936-4ac0-a64f-2d2df1fc9f75.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "f03350e9-f936-4ac0-a64f-2d2df1fc9f75", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms TcpEstablished Alert", + "description": "Policy to Audit/Deploy Web serverFarms TcpEstablished Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1500" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TcpEstablished" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TcpEstablished-threshold-Override_'), field('tags._amba-TcpEstablished-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TcpEstablished')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms TcpEstablished", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TcpEstablished", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "TcpEstablished", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TcpEstablished-threshold-Override_'), field('tags._amba-TcpEstablished-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json b/services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json new file mode 100644 index 000000000..dbf356b1a --- /dev/null +++ b/services/Web/serverFarms/templates/policy/TcpTimeWait_2a129b1b-36a7-4048-9403-004dc5e6b0b2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2a129b1b-36a7-4048-9403-004dc5e6b0b2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web serverFarms TcpTimeWait Alert", + "description": "Policy to Audit/Deploy Web serverFarms TcpTimeWait Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "300" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/serverFarms" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "TcpTimeWait" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverFarms/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-TcpTimeWait-threshold-Override_'), field('tags._amba-TcpTimeWait-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-TcpTimeWait')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web serverFarms TcpTimeWait", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "TcpTimeWait", + "metricNamespace": "Microsoft.Web/serverFarms", + "metricName": "TcpTimeWait", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-TcpTimeWait-threshold-Override_'), field('tags._amba-TcpTimeWait-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json b/services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json new file mode 100644 index 000000000..3b3bd0143 --- /dev/null +++ b/services/Web/sites/templates/policy/AppConnections_a74bd8f3-cab7-46e6-ac1e-7527d2385bee.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a74bd8f3-cab7-46e6-ac1e-7527d2385bee", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites AppConnections Alert", + "description": "Policy to Audit/Deploy Web sites AppConnections Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "6000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AppConnections" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AppConnections-threshold-Override_'), field('tags._amba-AppConnections-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AppConnections')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites AppConnections", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AppConnections", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "AppConnections", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AppConnections-threshold-Override_'), field('tags._amba-AppConnections-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json b/services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json new file mode 100644 index 000000000..5067f25ca --- /dev/null +++ b/services/Web/sites/templates/policy/AverageMemoryWorkingSet_e6f23a76-11f3-471e-b7d7-ebc787487069.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e6f23a76-11f3-471e-b7d7-ebc787487069", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots AverageMemoryWorkingSet Alert", + "description": "Policy to Audit/Deploy Web sites slots AverageMemoryWorkingSet Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "800000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageMemoryWorkingSet" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageMemoryWorkingSet-threshold-Override_'), field('tags._amba-AverageMemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageMemoryWorkingSet')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots AverageMemoryWorkingSet", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageMemoryWorkingSet", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "AverageMemoryWorkingSet", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageMemoryWorkingSet-threshold-Override_'), field('tags._amba-AverageMemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json b/services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json new file mode 100644 index 000000000..4f00d8286 --- /dev/null +++ b/services/Web/sites/templates/policy/AverageResponseTime_b16f8234-e6c6-4723-933e-e5f8c179f23d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b16f8234-e6c6-4723-933e-e5f8c179f23d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites AverageResponseTime Alert", + "description": "Policy to Audit/Deploy Web sites AverageResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "60" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "AverageResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-AverageResponseTime-threshold-Override_'), field('tags._amba-AverageResponseTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-AverageResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites AverageResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "AverageResponseTime", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "AverageResponseTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-AverageResponseTime-threshold-Override_'), field('tags._amba-AverageResponseTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json b/services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json new file mode 100644 index 000000000..37425c906 --- /dev/null +++ b/services/Web/sites/templates/policy/BytesReceived_a9177e32-e3fa-425a-a02e-727ff3515ae0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a9177e32-e3fa-425a-a02e-727ff3515ae0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites BytesReceived Alert", + "description": "Policy to Audit/Deploy Web sites BytesReceived Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "2048000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesReceived" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesReceived')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites BytesReceived", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesReceived", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "BytesReceived", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-BytesReceived-threshold-Override_'), field('tags._amba-BytesReceived-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json b/services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json new file mode 100644 index 000000000..5b11a5c85 --- /dev/null +++ b/services/Web/sites/templates/policy/BytesSent_49f62a85-7edf-4afc-9201-7a8939d6a42a.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "49f62a85-7edf-4afc-9201-7a8939d6a42a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites BytesSent Alert", + "description": "Policy to Audit/Deploy Web sites BytesSent Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "BytesSent" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-BytesSent')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites BytesSent", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "BytesSent", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "BytesSent", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json b/services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json new file mode 100644 index 000000000..33b636511 --- /dev/null +++ b/services/Web/sites/templates/policy/CpuTime_48fcc15e-f043-4bb5-a628-6aefc60432c1.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "48fcc15e-f043-4bb5-a628-6aefc60432c1", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites CpuTime Alert", + "description": "Policy to Audit/Deploy Web sites CpuTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "120" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CpuTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CpuTime-threshold-Override_'), field('tags._amba-CpuTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CpuTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites CpuTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CpuTime", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "CpuTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CpuTime-threshold-Override_'), field('tags._amba-CpuTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json b/services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json new file mode 100644 index 000000000..9404444c7 --- /dev/null +++ b/services/Web/sites/templates/policy/CurrentAssemblies_b63593ad-6c47-49e3-9b4a-e8b19f0cc7db.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b63593ad-6c47-49e3-9b4a-e8b19f0cc7db", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites CurrentAssemblies Alert", + "description": "Policy to Audit/Deploy Web sites CurrentAssemblies Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT1M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "CurrentAssemblies" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-CurrentAssemblies-threshold-Override_'), field('tags._amba-CurrentAssemblies-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-CurrentAssemblies')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites CurrentAssemblies", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "CurrentAssemblies", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "CurrentAssemblies", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-CurrentAssemblies-threshold-Override_'), field('tags._amba-CurrentAssemblies-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json b/services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json new file mode 100644 index 000000000..d6bfa9e38 --- /dev/null +++ b/services/Web/sites/templates/policy/FileSystemUsage_b0c0fca3-1832-4a18-8832-5eebd2c1370a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b0c0fca3-1832-4a18-8832-5eebd2c1370a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites FileSystemUsage Alert", + "description": "Policy to Audit/Deploy Web sites FileSystemUsage Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT6H" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1H" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "400000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FileSystemUsage" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FileSystemUsage-threshold-Override_'), field('tags._amba-FileSystemUsage-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FileSystemUsage')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites FileSystemUsage", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FileSystemUsage", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "FileSystemUsage", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FileSystemUsage-threshold-Override_'), field('tags._amba-FileSystemUsage-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json b/services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json new file mode 100644 index 000000000..785177af8 --- /dev/null +++ b/services/Web/sites/templates/policy/FunctionExecutionCount_1e71d59c-b29f-4b43-9f49-7aa0da50c88c.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "1e71d59c-b29f-4b43-9f49-7aa0da50c88c", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites FunctionExecutionCount Alert", + "description": "Policy to Audit/Deploy Web sites FunctionExecutionCount Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FunctionExecutionCount" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThanOrEqual" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FunctionExecutionCount-threshold-Override_'), field('tags._amba-FunctionExecutionCount-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FunctionExecutionCount')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites FunctionExecutionCount", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FunctionExecutionCount", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "FunctionExecutionCount", + "operator": "LessThanOrEqual", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FunctionExecutionCount-threshold-Override_'), field('tags._amba-FunctionExecutionCount-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json b/services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json new file mode 100644 index 000000000..b8b1bd9c3 --- /dev/null +++ b/services/Web/sites/templates/policy/FunctionExecutionUnits_12241b03-3f62-4100-9cf3-7798a7796600.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "12241b03-3f62-4100-9cf3-7798a7796600", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites FunctionExecutionUnits Alert", + "description": "Policy to Audit/Deploy Web sites FunctionExecutionUnits Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "13000000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "FunctionExecutionUnits" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-FunctionExecutionUnits-threshold-Override_'), field('tags._amba-FunctionExecutionUnits-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-FunctionExecutionUnits')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites FunctionExecutionUnits", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "FunctionExecutionUnits", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "FunctionExecutionUnits", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-FunctionExecutionUnits-threshold-Override_'), field('tags._amba-FunctionExecutionUnits-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json b/services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json new file mode 100644 index 000000000..809d76332 --- /dev/null +++ b/services/Web/sites/templates/policy/Handles_dc560ab2-18ad-49ae-9937-9b9a770faaab.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "dc560ab2-18ad-49ae-9937-9b9a770faaab", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Handles Alert", + "description": "Policy to Audit/Deploy Web sites Handles Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "Low" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Handles" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "GreaterOrLessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": 4 + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": 4 + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Handles')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Handles", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Handles", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Handles", + "operator": "GreaterOrLessThan", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": 4, + "numberOfEvaluationPeriods": 4 + }, + "timeAggregation": "Average", + "criterionType": "DynamicThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json b/services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json new file mode 100644 index 000000000..a5def10b6 --- /dev/null +++ b/services/Web/sites/templates/policy/HealthCheckStatus_ff5238a3-e40f-47c7-a142-f7a19b7764f9.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "ff5238a3-e40f-47c7-a142-f7a19b7764f9", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots HealthCheckStatus Alert", + "description": "Policy to Audit/Deploy Web sites slots HealthCheckStatus Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "100" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HealthCheckStatus" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "LessThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HealthCheckStatus-threshold-Override_'), field('tags._amba-HealthCheckStatus-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HealthCheckStatus')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots HealthCheckStatus", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HealthCheckStatus", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "HealthCheckStatus", + "operator": "LessThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HealthCheckStatus-threshold-Override_'), field('tags._amba-HealthCheckStatus-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json b/services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json new file mode 100644 index 000000000..d1469a3e0 --- /dev/null +++ b/services/Web/sites/templates/policy/HttpResponseTime_b4e2bc80-9307-44d8-89f1-04c7133f37fc.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "b4e2bc80-9307-44d8-89f1-04c7133f37fc", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots HttpResponseTime Alert", + "description": "Policy to Audit/Deploy Web sites slots HttpResponseTime Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "HttpResponseTime" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-HttpResponseTime-threshold-Override_'), field('tags._amba-HttpResponseTime-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-HttpResponseTime')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots HttpResponseTime", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "HttpResponseTime", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "HttpResponseTime", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-HttpResponseTime-threshold-Override_'), field('tags._amba-HttpResponseTime-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json b/services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json new file mode 100644 index 000000000..a336bf49d --- /dev/null +++ b/services/Web/sites/templates/policy/Http_02ef5600-fed6-474a-8fbb-5ed088b04d0d.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "02ef5600-fed6-474a-8fbb-5ed088b04d0d", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http406 Alert", + "description": "Policy to Audit/Deploy Web sites Http406 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http406" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http406-threshold-Override_'), field('tags._amba-Http406-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http406')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http406", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http406", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http406", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http406-threshold-Override_'), field('tags._amba-Http406-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json b/services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json new file mode 100644 index 000000000..d27fca7b9 --- /dev/null +++ b/services/Web/sites/templates/policy/Http_265b54e0-33a0-44b3-9f7b-ce53328439e3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "265b54e0-33a0-44b3-9f7b-ce53328439e3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http404 Alert", + "description": "Policy to Audit/Deploy Web sites slots Http404 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "30" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http404" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http404-threshold-Override_'), field('tags._amba-Http404-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http404')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http404", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http404", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http404", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http404-threshold-Override_'), field('tags._amba-Http404-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json b/services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json new file mode 100644 index 000000000..b7700ab05 --- /dev/null +++ b/services/Web/sites/templates/policy/Http_67ca6d43-ab88-4fb8-9c18-2862765681e6.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "67ca6d43-ab88-4fb8-9c18-2862765681e6", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http403 Alert", + "description": "Policy to Audit/Deploy Web sites slots Http403 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "0" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http403" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http403-threshold-Override_'), field('tags._amba-Http403-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http403')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http403", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http403", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http403", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http403-threshold-Override_'), field('tags._amba-Http403-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json b/services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json new file mode 100644 index 000000000..205a09244 --- /dev/null +++ b/services/Web/sites/templates/policy/Http_a8024ffc-b3b7-48eb-8f24-ae7da834cde2.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "a8024ffc-b3b7-48eb-8f24-ae7da834cde2", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http401 Alert", + "description": "Policy to Audit/Deploy Web sites Http401 Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "2" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "20" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http401" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http401-threshold-Override_'), field('tags._amba-Http401-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http401')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http401", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http401", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http401", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http401-threshold-Override_'), field('tags._amba-Http401-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json b/services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json new file mode 100644 index 000000000..8321a7a65 --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_0853a13e-b316-4ea0-98a2-9d722a508d1e.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0853a13e-b316-4ea0-98a2-9d722a508d1e", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http3xx Alert", + "description": "Policy to Audit/Deploy Web sites Http3xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http3xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http3xx-threshold-Override_'), field('tags._amba-Http3xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http3xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http3xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http3xx", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http3xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http3xx-threshold-Override_'), field('tags._amba-Http3xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json b/services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json new file mode 100644 index 000000000..ede57542e --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_0bdd95e0-1d48-40e5-85c7-cd8008b966b0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "0bdd95e0-1d48-40e5-85c7-cd8008b966b0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http4xx Alert", + "description": "Policy to Audit/Deploy Web sites slots Http4xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT30M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT15M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "5" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http4xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http4xx-threshold-Override_'), field('tags._amba-Http4xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http4xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http4xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http4xx", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http4xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http4xx-threshold-Override_'), field('tags._amba-Http4xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json b/services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json new file mode 100644 index 000000000..cb77861f3 --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_e4fa68d2-55cd-4371-9574-95ae5c34d4ae.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "e4fa68d2-55cd-4371-9574-95ae5c34d4ae", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Http2xx Alert", + "description": "Policy to Audit/Deploy Web sites Http2xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "15" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http2xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http2xx-threshold-Override_'), field('tags._amba-Http2xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http2xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Http2xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http2xx", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Http2xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http2xx-threshold-Override_'), field('tags._amba-Http2xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json b/services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json new file mode 100644 index 000000000..d29bce6d6 --- /dev/null +++ b/services/Web/sites/templates/policy/Httpxx_fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fe7cfeb1-c18f-4822-8e6c-fb73dcd175a8", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites slots Http5xx Alert", + "description": "Policy to Audit/Deploy Web sites slots Http5xx Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites/slots" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Http5xx" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/slots/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Http5xx-threshold-Override_'), field('tags._amba-Http5xx-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Http5xx')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites slots Http5xx", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Http5xx", + "metricNamespace": "Microsoft.Web/sites/slots", + "metricName": "Http5xx", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Http5xx-threshold-Override_'), field('tags._amba-Http5xx-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json b/services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json new file mode 100644 index 000000000..241e350bb --- /dev/null +++ b/services/Web/sites/templates/policy/MemoryWorkingSet_93768520-ab75-4e4e-b39b-a210a32379c0.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "93768520-ab75-4e4e-b39b-a210a32379c0", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites MemoryWorkingSet Alert", + "description": "Policy to Audit/Deploy Web sites MemoryWorkingSet Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1500000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "MemoryWorkingSet" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-MemoryWorkingSet-threshold-Override_'), field('tags._amba-MemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-MemoryWorkingSet')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites MemoryWorkingSet", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "MemoryWorkingSet", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "MemoryWorkingSet", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-MemoryWorkingSet-threshold-Override_'), field('tags._amba-MemoryWorkingSet-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json b/services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json new file mode 100644 index 000000000..8ab0a9d16 --- /dev/null +++ b/services/Web/sites/templates/policy/PrivateBytes_3acdc4ab-514c-42c3-82e1-cb41fa338c2f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "3acdc4ab-514c-42c3-82e1-cb41fa338c2f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites PrivateBytes Alert", + "description": "Policy to Audit/Deploy Web sites PrivateBytes Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1200000000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "PrivateBytes" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-PrivateBytes-threshold-Override_'), field('tags._amba-PrivateBytes-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-PrivateBytes')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites PrivateBytes", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "PrivateBytes", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "PrivateBytes", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-PrivateBytes-threshold-Override_'), field('tags._amba-PrivateBytes-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json b/services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json new file mode 100644 index 000000000..4845dae80 --- /dev/null +++ b/services/Web/sites/templates/policy/RequestsInApplicationQueue_2e62242b-6d20-44b5-86f9-f9a0de8ffe3f.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "2e62242b-6d20-44b5-86f9-f9a0de8ffe3f", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites RequestsInApplicationQueue Alert", + "description": "Policy to Audit/Deploy Web sites RequestsInApplicationQueue Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "10" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "RequestsInApplicationQueue" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Maximum" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-RequestsInApplicationQueue-threshold-Override_'), field('tags._amba-RequestsInApplicationQueue-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-RequestsInApplicationQueue')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites RequestsInApplicationQueue", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "RequestsInApplicationQueue", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "RequestsInApplicationQueue", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Maximum", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-RequestsInApplicationQueue-threshold-Override_'), field('tags._amba-RequestsInApplicationQueue-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json b/services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json new file mode 100644 index 000000000..77d956a8a --- /dev/null +++ b/services/Web/sites/templates/policy/Requests_fa87c863-2d21-4b9d-897f-452fd35b06c3.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "fa87c863-2d21-4b9d-897f-452fd35b06c3", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Requests Alert", + "description": "Policy to Audit/Deploy Web sites Requests Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "3" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT1M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "1000" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Requests" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Requests')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Requests", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Requests", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Requests", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Requests-threshold-Override_'), field('tags._amba-Requests-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json b/services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json new file mode 100644 index 000000000..adaac2296 --- /dev/null +++ b/services/Web/sites/templates/policy/Threads_9e412261-433b-45fd-8944-2f891bf14a56.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "9e412261-433b-45fd-8944-2f891bf14a56", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites Threads Alert", + "description": "Policy to Audit/Deploy Web sites Threads Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "4" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT15M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "200" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "Threads" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Average" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-Threads-threshold-Override_'), field('tags._amba-Threads-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-Threads')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites Threads", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "Threads", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "Threads", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Average", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-Threads-threshold-Override_'), field('tags._amba-Threads-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json b/services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json new file mode 100644 index 000000000..7cecf46df --- /dev/null +++ b/services/Web/sites/templates/policy/WorkflowRunsFailureRate_89ec4b6f-d1b2-4402-8a1d-48440624fc31.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "89ec4b6f-d1b2-4402-8a1d-48440624fc31", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites WorkflowRunsFailureRate Alert", + "description": "Policy to Audit/Deploy Web sites WorkflowRunsFailureRate Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "0" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "WorkflowRunsFailureRate" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-WorkflowRunsFailureRate-threshold-Override_'), field('tags._amba-WorkflowRunsFailureRate-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-WorkflowRunsFailureRate')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites WorkflowRunsFailureRate", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "WorkflowRunsFailureRate", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "WorkflowRunsFailureRate", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-WorkflowRunsFailureRate-threshold-Override_'), field('tags._amba-WorkflowRunsFailureRate-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} diff --git a/services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json b/services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json new file mode 100644 index 000000000..722183d89 --- /dev/null +++ b/services/Web/sites/templates/policy/WorkflowTriggersFailureRate_8a492278-c49f-4e4c-8fd5-a1680590864a.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "8a492278-c49f-4e4c-8fd5-a1680590864a", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "Deploy Web sites WorkflowTriggersFailureRate Alert", + "description": "Policy to Audit/Deploy Web sites WorkflowTriggersFailureRate Alert", + "metadata": { + "version": "1.0.0-preview", + "category": "Web", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "1" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "PT5M" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "PT5M" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "50" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "Microsoft.Web/sites" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "Microsoft.Web/sites" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "WorkflowTriggersFailureRate" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/sites/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "Total" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "GreaterThan" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-WorkflowTriggersFailureRate-threshold-Override_'), field('tags._amba-WorkflowTriggersFailureRate-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-WorkflowTriggersFailureRate')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for Web sites WorkflowTriggersFailureRate", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "WorkflowTriggersFailureRate", + "metricNamespace": "Microsoft.Web/sites", + "metricName": "WorkflowTriggersFailureRate", + "operator": "GreaterThan", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "Total", + "criterionType": "StaticThresholdCriterion" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-WorkflowTriggersFailureRate-threshold-Override_'), field('tags._amba-WorkflowTriggersFailureRate-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +} From b28baef6a97c38e3fd56d9ebe56446073e850e97 Mon Sep 17 00:00:00 2001 From: Arjen Huitema Date: Fri, 2 Aug 2024 10:38:00 +0200 Subject: [PATCH 2/3] Initial script to automatically generate policies --- .../generate-templates/generate-policies.ps1 | 115 ++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 tooling/generate-templates/generate-policies.ps1 diff --git a/tooling/generate-templates/generate-policies.ps1 b/tooling/generate-templates/generate-policies.ps1 new file mode 100644 index 000000000..e70bc4b72 --- /dev/null +++ b/tooling/generate-templates/generate-policies.ps1 @@ -0,0 +1,115 @@ +<# + .SYNOPSIS + This script generates policy templates based on YAML files containing alert configurations. + + .DESCRIPTION + The script processes each YAML file in the specified directory and generates policy templates based on the alert configurations defined in the YAML files. It creates policy templates in the specified output directory. + + .PARAMETER None + This script does not take any parameters. + + .NOTES + Requires yq to be installed. yq is a lightweight and portable command-line YAML processor. It can be downloaded from https://github.com/mikefarah/yq + + .EXAMPLE + .\generate-policies.ps1 + + .LINK + https://github.com/Azure/azure-monitor-baseline-alerts +#> + +begin { + # Get all yaml files in services directory + $alertsYaml = Get-ChildItem -Path ../../services/*.yaml -Recurse | Select-Object FullName +} +process { + # Process each yaml file in parallel + $alertsYaml | ForEach-Object -Parallel { + Write-Output "Processing $($_.FullName)" + # Convert yaml to json + $alertJson = yq e -o=json $_.FullName + $alertJsonObject = $alertJson | ConvertFrom-Json + + # Process each alert in the yaml file + foreach ($alert in $alertJsonObject) { + $policyPathName = $_.FullName -replace "alerts.yaml", "" + $policyFileName = "$($alert.properties.metricName)" -replace "[^a-zA-Z_]", "" + $policyDirectory = "$($policyPathName)templates\policy" + # Check if the alert has a deployment template and has a deployment tag of "alz" + if ((Test-Path -Path "$($policyPathName)$($alert.deployments.template)") -and $alert.deployments.tags -eq "alz") { + if (-not (Test-Path -Path $policyDirectory)) { + New-Item -ItemType Directory -Path $policyDirectory -Force + } + if ($policyFileName -eq "") { + $policyFileName = $alert.name -replace "[^a-zA-Z_]", "" + } + # Copy the deployment template to the policy directory + Copy-Item -Path "$($policyPathName)$($alert.deployments.template)" -Destination "$($policyPathName)templates\policy\$($policyFileName)_$($alert.guid).json" + } + # Generate policy template based on the alert configuration + If ($alert.type -eq "Metric") { + if ($alert.type -eq "Metric" -and $alert.properties.criterionType -eq "StaticThresholdCriterion") { + $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\metric-static.json" + } + if ($alert.type -eq "Metric" -and $alert.properties.criterionType -eq "DynamicThresholdCriterion") { + $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\metric-dynamic.json" + } + # TODO: Add support for Log alerts, need to fix query format and dimensions + #if ($alert.type -eq "Log") { + # $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\log.json" + #} + # TODO: Add support for Activity Log alerts, dependecy on resource type + #if ($alert.type -eq "ActivityLog" -and $alert.properties.category -eq "Administrative") { + # $alertTemplate = Get-Content "C:\Repos\azure-monitor-baseline-alerts\tooling\generate-templates\policy\activity-administrative.json" + #} + $alertTemplate = $alertTemplate -replace "##POLICY_NAME##", $alert.guid + if ($alert.deployments.name -ne $null) { + $alertTemplate = $alertTemplate -replace "##POLICY_DISPLAY_NAME##", $alert.deployments.name + $alertTemplate = $alertTemplate -replace "##POLICY_DESCRIPTION##", "Policy to Audit/$($alert.deployments.name)" + } + if ($alert.deployments.name -eq $null) { + $serviceName = $alert.properties.metricNamespace -replace "Microsoft.", "" + $serviceName = $serviceName -replace "[/]", " " + $alertTemplate = $alertTemplate -replace "##POLICY_DISPLAY_NAME##", "Deploy $($serviceName) $($alert.properties.metricName) Alert" + $alertTemplate = $alertTemplate -replace "##POLICY_DESCRIPTION##", "Policy to Audit/Deploy $($serviceName) $($alert.properties.metricName) Alert" + } + $category = $alert.properties.metricNamespace -replace "Microsoft.", "" + $category = $category -replace "/.+", "" + $alertTemplate = $alertTemplate -replace "##POLICY_CATEGORY##", $category + $serviceName = $alert.properties.metricNamespace -replace "Microsoft.", "" + $serviceName = $serviceName -replace "[/]", " " + $alertTemplate = $alertTemplate -replace "##SERVICE##", $serviceName + $alertTemplate = $alertTemplate -replace "##SEVERITY##", $alert.properties.severity + $alertTemplate = $alertTemplate -replace "##WINDOW_SIZE##", $alert.properties.windowSize + $alertTemplate = $alertTemplate -replace "##EVALUATION_FREQUENCY##", $alert.properties.evaluationFrequency + $alertTemplate = $alertTemplate -replace "##THRESHOLD##", $alert.properties.threshold + $alertTemplate = $alertTemplate -replace "##METRIC_NAMESPACE##", $alert.properties.metricNamespace + $alertTemplate = $alertTemplate -replace "##METRIC_NAME##", $alert.properties.metricName + $alertTemplate = $alertTemplate -replace "##TIME_AGGREGATION##", $alert.properties.timeAggregation + $alertTemplate = $alertTemplate -replace "##OPERATOR##", $alert.properties.operator + $alertTemplate = $alertTemplate -replace "##CRITERION_TYPE##", $alert.properties.criterionType + $alertTemplate = $alertTemplate -replace "##ALERT_SENSITIVITY##", $alert.properties.alertSensitivity + $alertTemplate = $alertTemplate -replace "##MIN_FAILING_PERIODS##", $alert.properties.failingPeriods.minFailingPeriodsToAlert + $alertTemplate = $alertTemplate -replace "##NUMBER_OF_EVALUATION_PERIODS##", $alert.properties.failingPeriods.numberOfEvaluationPeriods + $alertTemplate = $alertTemplate -replace "##RESOURCE_TYPE##" + $alertName = $alert.name -replace "[^a-zA-Z_]", "" + $alertTemplate = $alertTemplate -replace "##ALERT_NAME##", $alertName + $alertTemplate = $alertTemplate -replace "##ALERT_DESCRIPTION##", $alert.description + $alertTemplate = $alertTemplate -replace "##QUERY##", $alert.properties.query + $alertTemplate = $alertTemplate -replace "##DIMENSIONS##", $alert.properties.dimensions + $alertTemplate = $alertTemplate -replace "##OPERATION_NAME##", $alert.properties.operationName + if (-not (Test-Path -Path $policyDirectory)) { + New-Item -ItemType Directory -Path $policyDirectory -Force + } + if ($policyFileName -eq "") { + $policyFileName = $alert.name -replace "[^a-zA-Z_]", "" + } + # Write the policy template to a file + Out-File -FilePath "$($policyPathName)templates\policy\$($policyFileName)_$($alert.guid).json" -InputObject $alertTemplate + } + } + } -ThrottleLimit 10 +} +end { + Write-Output "Policy templates generated successfully." +} From 6ccad829c9ef97b5f80879b8befc6d746a98ca5d Mon Sep 17 00:00:00 2001 From: Arjen Huitema Date: Fri, 2 Aug 2024 10:38:27 +0200 Subject: [PATCH 3/3] Initial policy template --- .../policy/activity-administrative.json | 285 +++++++++ tooling/generate-templates/policy/log.json | 603 ++++++++++++++++++ .../policy/metric-dynamic.json | 350 ++++++++++ .../policy/metric-static.json | 333 ++++++++++ 4 files changed, 1571 insertions(+) create mode 100644 tooling/generate-templates/policy/activity-administrative.json create mode 100644 tooling/generate-templates/policy/log.json create mode 100644 tooling/generate-templates/policy/metric-dynamic.json create mode 100644 tooling/generate-templates/policy/metric-static.json diff --git a/tooling/generate-templates/policy/activity-administrative.json b/tooling/generate-templates/policy/activity-administrative.json new file mode 100644 index 000000000..9eb7c057e --- /dev/null +++ b/tooling/generate-templates/policy/activity-administrative.json @@ -0,0 +1,285 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "Project": "amba-monitoring" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "ALZ Monitoring disabled tag name", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "ALZ Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##RESOURCE_TYPE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/activityLogAlerts", + "name": "##ALERT_NAME##", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "count": { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", + "where": { + "anyOf": [ + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "category" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "Administrative" + } + ] + }, + { + "allOf": [ + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field", + "equals": "operationName" + }, + { + "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals", + "equals": "##OPERATION_NAME##" + } + ] + } + ] + } + }, + "equals": 2 + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "enabled": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2020-10-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "##ALERT_NAME##", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "microsoft.insights/activityLogAlerts", + "apiVersion": "2020-10-01", + "name": "##ALERT_NAME##", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "##ALERT_DESCRIPTION##", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().id]" + ], + "condition": { + "allOf": [ + { + "field": "category", + "equals": "Administrative" + }, + { + "field": "operationName", + "equals": "##OPERATION_NAME##" + }, + { + "field": "status", + "containsAny": [ + "succeeded" + ] + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/policy/log.json b/tooling/generate-templates/policy/log.json new file mode 100644 index 000000000..dfad50051 --- /dev/null +++ b/tooling/generate-templates/policy/log.json @@ -0,0 +1,603 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "alertResourceGroupName": { + "type": "String", + "metadata": { + "displayName": "Resource Group Name", + "description": "Resource group the alert is placed in" + }, + "defaultValue": "rg-amba-monitoring-001" + }, + "alertResourceGroupTags": { + "type": "Object", + "metadata": { + "displayName": "Resource Group Tags", + "description": "Tags on the Resource group the alert is placed in" + }, + "defaultValue": { + "Project": "amba-monitoring" + } + }, + "alertResourceGroupLocation": { + "type": "String", + "metadata": { + "displayName": "Resource Group Location", + "description": "Location of the Resource group the alert is placed in" + }, + "defaultValue": "centralus" + }, + "UAMIResourceId": { + "type": "string", + "defaultValue": "", + "metadata": { + "description": "The resource Id of the user assigned managed identity.", + "displayName": "User Assigned managed Identity resource Id." + } + }, + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "##SEVERITY##" + }, + "operator": { + "type": "String", + "metadata": { + "displayName": "Operator" + }, + "allowedValues": [ + "GreaterThan" + ], + "defaultValue": "##OPERATOR##" + }, + "timeAggregation": { + "type": "String", + "metadata": { + "displayName": "TimeAggregation" + }, + "allowedValues": [ + "Count" + ], + "defaultValue": "##TIME_AGGREGATION##" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "PT24H" + ], + "defaultValue": "##WINDOW_SIZE##" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "##EVALUATION_FREQUENCY##" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolve": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "autoResolveTime": { + "type": "String", + "metadata": { + "displayName": "Auto Resolve", + "description": "Auto Resolve time for the alert in ISO 8601 format" + }, + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "##THRESHOLD##" + }, + "failingPeriods": { + "type": "String", + "metadata": { + "displayName": "Failing Periods", + "description": "Number of failing periods before alert is fired" + }, + "defaultValue": "##MIN_FAILING_PERIODS##" + }, + "evaluationPeriods": { + "type": "String", + "metadata": { + "displayName": "Evaluation Periods", + "description": "The number of aggregated lookback points." + }, + "defaultValue": "##NUMBER_OF_EVALUATION_PERIODS##" + }, + "computersToInclude": { + "type": "array", + "metadata": { + "displayName": "Computers to be included to be monitored", + "description": "Array of Computer to be monitored" + }, + "defaultValue": [ + "*" + ] + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled" + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##RESOURCE_TYPE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/scheduledQueryRules", + "existenceScope": "resourceGroup", + "resourceGroupName": "[[parameters('alertResourceGroupName')]", + "deploymentScope": "subscription", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/scheduledQueryRules/displayName", + "equals": "[[concat(subscription().displayName, '-##ALERT_NAME##')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]", + "equals": "[[subscription().id]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator", + "equals": "[[parameters('operator')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation", + "equals": "[[parameters('timeAggregation')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods", + "equals": "[[parameters('evaluationPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert", + "equals": "[[parameters('failingPeriods')]" + }, + { + "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query", + "equals": "##QUERY##" + }, + { + "field": "identity.userAssignedIdentities", + "containsKey": "[[parameters('UAMIResourceId')]" + } + ] + }, + "deployment": { + "location": "northeurope", + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupTags": { + "type": "object" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "UAMIResourceId": { + "type": "string" + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "autoResolve": { + "type": "String" + }, + "autoResolveTime": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + }, + "operator": { + "type": "String" + }, + "timeAggregation": { + "type": "String" + }, + "failingPeriods": { + "type": "String" + }, + "evaluationPeriods": { + "type": "String" + }, + "computersToInclude": { + "type": "array" + }, + "MonitorDisableTagName": { + "type": "String" + }, + "MonitorDisableTagValues": { + "type": "Array" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Resources/resourceGroups", + "apiVersion": "2021-04-01", + "name": "[[parameters('alertResourceGroupName')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "tags": "[[parameters('alertResourceGroupTags')]" + }, + { + "type": "Microsoft.Resources/deployments", + "apiVersion": "2019-10-01", + "name": "##ALERT_NAME##", + "resourceGroup": "[[parameters('alertResourceGroupName')]", + "dependsOn": [ + "[[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" + ], + "properties": { + "mode": "Incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "enabled": { + "type": "string" + }, + "alertResourceGroupName": { + "type": "string" + }, + "alertResourceGroupLocation": { + "type": "string" + }, + "UAMIResourceId": { + "type": "string" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/scheduledQueryRules", + "apiVersion": "2022-08-01-preview", + "name": "[[concat(subscription().displayName, '-##ALERT_NAME##')]", + "location": "[[parameters('alertResourceGroupLocation')]", + "identity": { + "type": "UserAssigned", + "userAssignedIdentities": { + "[[parameters('UAMIResourceId')]": {} + } + }, + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "displayName": "[[concat(subscription().displayName, '-##ALERT_NAME##')]", + "description": "##ALERT_DESCRIPTION##", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[subscription().Id]" + ], + "targetResourceTypes": [ + "##RESOURCE_TYPE##" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "query": "##QUERY##", + "threshold": 0, + "operator": "[[parameters('operator')]", + "resourceIdColumn": "_ResourceId", + "timeAggregation": "[[parameters('timeAggregation')]", + "dimensions": [ + ##DIMENSIONS## + ], + "failingPeriods": { + "numberOfEvaluationPeriods": "[[parameters('evaluationPeriods')]", + "minFailingPeriodsToAlert": "[[parameters('failingPeriods')]" + } + } + ] + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "ruleResolveConfiguration": { + "autoResolved": "[[parameters('autoResolve')]", + "timeToResolve": "[[parameters('autoResolveTime')]" + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "UAMIResourceId": { + "value": "[[parameters('UAMIResourceId')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "MonitorDisableTagName": { + "value": "[[parameters('MonitorDisableTagName')]" + }, + "MonitorDisableTagValues": { + "value": "[[parameters('MonitorDisableTagValues')]" + } + } + } + } + ] + }, + "parameters": { + "enabled": { + "value": "[[parameters('enabled')]" + }, + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "UAMIResourceId": { + "value": "[[parameters('UAMIResourceId')]" + } + } + } + } + ] + }, + "parameters": { + "alertResourceGroupName": { + "value": "[[parameters('alertResourceGroupName')]" + }, + "alertResourceGroupTags": { + "value": "[[parameters('alertResourceGroupTags')]" + }, + "alertResourceGroupLocation": { + "value": "[[parameters('alertResourceGroupLocation')]" + }, + "UAMIResourceId": { + "value": "[[parameters('UAMIResourceId')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "autoResolve": { + "value": "[[parameters('autoResolve')]" + }, + "autoResolveTime": { + "value": "[[parameters('autoResolveTime')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + }, + "operator": { + "value": "[[parameters('operator')]" + }, + "timeAggregation": { + "value": "[[parameters('timeAggregation')]" + }, + "failingPeriods": { + "value": "[[parameters('failingPeriods')]" + }, + "evaluationPeriods": { + "value": "[[parameters('evaluationPeriods')]" + }, + "computersToInclude": { + "value": "[[parameters('computersToInclude')]" + }, + "MonitorDisableTagName": { + "value": "[[parameters('MonitorDisableTagName')]" + }, + "MonitorDisableTagValues": { + "value": "[[parameters('MonitorDisableTagValues')]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/policy/metric-dynamic.json b/tooling/generate-templates/policy/metric-dynamic.json new file mode 100644 index 000000000..8d2e16839 --- /dev/null +++ b/tooling/generate-templates/policy/metric-dynamic.json @@ -0,0 +1,350 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "##SEVERITY##" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "##WINDOW_SIZE##" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "##EVALUATION_FREQUENCY##" + }, + "alertSensitivity": { + "type": "String", + "metadata": { + "displayName": "Alert Sensitivity", + "description": "Alert Sensitivity for the alert" + }, + "allowedValues": [ + "Low", + "Medium", + "High" + ], + "defaultValue": "##ALERT_SENSITIVITY##" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "##METRIC_NAME##" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/##METRIC_NAMESPACE##/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "##TIME_AGGREGATION##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator", + "equals": "##OPERATOR##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity", + "equals": "[[parameters('alertSensitivity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert", + "equals": ##MIN_FAILING_PERIODS## + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods", + "equals": ##NUMBER_OF_EVALUATION_PERIODS## + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "alertSensitivity": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-##METRIC_NAME##')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ##SERVICE## ##METRIC_NAME##", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "##METRIC_NAME##", + "metricNamespace": "##METRIC_NAMESPACE##", + "metricName": "##METRIC_NAME##", + "operator": "##OPERATOR##", + "alertSensitivity": "[[parameters('alertSensitivity')]", + "failingPeriods": { + "minFailingPeriodsToAlert": ##MIN_FAILING_PERIODS##, + "numberOfEvaluationPeriods": ##NUMBER_OF_EVALUATION_PERIODS## + }, + "timeAggregation": "##TIME_AGGREGATION##", + "criterionType": "##CRITERION_TYPE##" + } + ], + "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "alertSensitivity": { + "value": "[[parameters('alertSensitivity')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + } + } + } + } + } + } + } + } +} diff --git a/tooling/generate-templates/policy/metric-static.json b/tooling/generate-templates/policy/metric-static.json new file mode 100644 index 000000000..239357421 --- /dev/null +++ b/tooling/generate-templates/policy/metric-static.json @@ -0,0 +1,333 @@ +{ + "type": "Microsoft.Authorization/policyDefinitions", + "apiVersion": "2021-06-01", + "name": "##POLICY_NAME##", + "properties": { + "policyType": "Custom", + "mode": "All", + "displayName": "##POLICY_DISPLAY_NAME##", + "description": "##POLICY_DESCRIPTION##", + "metadata": { + "version": "1.0.0-preview", + "category": "##POLICY_CATEGORY##", + "preview": true, + "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", + "alzCloudEnvironments": [ + "AzureCloud" + ], + "_deployed_by_amba": "True" + }, + "parameters": { + "severity": { + "type": "String", + "metadata": { + "displayName": "Severity", + "description": "Severity of the Alert" + }, + "allowedValues": [ + "0", + "1", + "2", + "3", + "4" + ], + "defaultValue": "##SEVERITY##" + }, + "windowSize": { + "type": "String", + "metadata": { + "displayName": "Window Size", + "description": "Window size for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H", + "PT6H", + "PT12H", + "P1D" + ], + "defaultValue": "##WINDOW_SIZE##" + }, + "evaluationFrequency": { + "type": "String", + "metadata": { + "displayName": "Evaluation Frequency", + "description": "Evaluation frequency for the alert" + }, + "allowedValues": [ + "PT1M", + "PT5M", + "PT15M", + "PT30M", + "PT1H" + ], + "defaultValue": "##EVALUATION_FREQUENCY##" + }, + "autoMitigate": { + "type": "String", + "metadata": { + "displayName": "Auto Mitigate", + "description": "Auto Mitigate for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "enabled": { + "type": "String", + "metadata": { + "displayName": "Alert State", + "description": "Alert state for the alert" + }, + "allowedValues": [ + "true", + "false" + ], + "defaultValue": "true" + }, + "threshold": { + "type": "String", + "metadata": { + "displayName": "Threshold", + "description": "Threshold for the alert" + }, + "defaultValue": "##THRESHOLD##" + }, + "effect": { + "type": "String", + "metadata": { + "displayName": "Effect", + "description": "Effect of the policy" + }, + "allowedValues": [ + "deployIfNotExists", + "disabled" + ], + "defaultValue": "deployIfNotExists" + }, + "MonitorDisableTagName": { + "type": "String", + "metadata": { + "displayName": "Monitoring disabled tag name", + "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": "MonitorDisable" + }, + "MonitorDisableTagValues": { + "type": "Array", + "metadata": { + "displayName": "Monitoring disabled tag values(s)", + "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." + }, + "defaultValue": [ + "true", + "Test", + "Dev", + "Sandbox" + ] + } + }, + "policyRule": { + "if": { + "allOf": [ + { + "field": "type", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "[[concat('tags[', parameters('MonitorDisableTagName'), ']')]", + "notIn": "[[parameters('MonitorDisableTagValues')]" + } + ] + }, + "then": { + "effect": "[[parameters('effect')]", + "details": { + "roleDefinitionIds": [ + "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" + ], + "type": "Microsoft.Insights/metricAlerts", + "existenceCondition": { + "allOf": [ + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace", + "equals": "##METRIC_NAMESPACE##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName", + "equals": "##METRIC_NAME##" + }, + { + "field": "Microsoft.Insights/metricalerts/scopes[*]", + "equals": "[[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/##METRIC_NAMESPACE##/', field('fullName'))]" + }, + { + "field": "Microsoft.Insights/metricAlerts/enabled", + "equals": "[[parameters('enabled')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/evaluationFrequency", + "equals": "[[parameters('evaluationFrequency')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/windowSize", + "equals": "[[parameters('windowSize')]" + }, + { + "field": "Microsoft.Insights/metricalerts/severity", + "equals": "[[parameters('severity')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/autoMitigate", + "equals": "[[parameters('autoMitigate')]" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation", + "equals": "##TIME_AGGREGATION##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator", + "equals": "##OPERATOR##" + }, + { + "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold", + "equals": "[[if(contains(field('tags'), '_amba-##METRIC_NAME##-threshold-Override_'), field('tags._amba-##METRIC_NAME##-threshold-Override_'), parameters('threshold'))]" + } + ] + }, + "deployment": { + "properties": { + "mode": "incremental", + "template": { + "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", + "contentVersion": "1.0.0.0", + "parameters": { + "resourceName": { + "type": "String", + "metadata": { + "displayName": "resourceName", + "description": "Name of the resource" + } + }, + "resourceId": { + "type": "String", + "metadata": { + "displayName": "resourceId", + "description": "Resource ID of the resource emitting the metric that will be used for the comparison" + } + }, + "severity": { + "type": "String" + }, + "windowSize": { + "type": "String" + }, + "evaluationFrequency": { + "type": "String" + }, + "autoMitigate": { + "type": "String" + }, + "enabled": { + "type": "String" + }, + "threshold": { + "type": "String" + } + }, + "variables": {}, + "resources": [ + { + "type": "Microsoft.Insights/metricAlerts", + "apiVersion": "2018-03-01", + "name": "[[concat(parameters('resourceName'), '-##METRIC_NAME##')]", + "location": "global", + "tags": { + "_deployed_by_amba": true + }, + "properties": { + "description": "Metric Alert for ##SERVICE## ##METRIC_NAME##", + "severity": "[[parameters('severity')]", + "enabled": "[[parameters('enabled')]", + "scopes": [ + "[[parameters('resourceId')]" + ], + "evaluationFrequency": "[[parameters('evaluationFrequency')]", + "windowSize": "[[parameters('windowSize')]", + "criteria": { + "allOf": [ + { + "name": "##METRIC_NAME##", + "metricNamespace": "##METRIC_NAMESPACE##", + "metricName": "##METRIC_NAME##", + "operator": "##OPERATOR##", + "threshold": "[[parameters('threshold')]", + "timeAggregation": "##TIME_AGGREGATION##", + "criterionType": "##CRITERION_TYPE##" + } + ], + "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" + }, + "autoMitigate": "[[parameters('autoMitigate')]", + "parameters": { + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[parameters('threshold')]" + } + } + } + } + ] + }, + "parameters": { + "resourceName": { + "value": "[[field('name')]" + }, + "resourceId": { + "value": "[[field('id')]" + }, + "severity": { + "value": "[[parameters('severity')]" + }, + "windowSize": { + "value": "[[parameters('windowSize')]" + }, + "evaluationFrequency": { + "value": "[[parameters('evaluationFrequency')]" + }, + "autoMitigate": { + "value": "[[parameters('autoMitigate')]" + }, + "enabled": { + "value": "[[parameters('enabled')]" + }, + "threshold": { + "value": "[[if(contains(field('tags'), '_amba-##METRIC_NAME##-threshold-Override_'), field('tags._amba-##METRIC_NAME##-threshold-Override_'), parameters('threshold'))]" + } + } + } + } + } + } + } + } +}