diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql index 32b1dcf0f..2fc05dcd6 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql @@ -2,6 +2,7 @@ // Find VMSS instances with one or no Zones selected resources | where type == "microsoft.compute/virtualmachinescalesets" +| where isempty(tostring(tags['aks-managed-poolName'])) | where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where array_length(zones) <= 1 or isnull(zones) | project recommendationId = "1422c567-782c-7148-ac7c-5fc14cf45adc", name, id, tags, param1 = "AvailabilityZones: Single Zone" diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/3f85a51c-e286-9f44-b4dc-51d00768696c.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/3f85a51c-e286-9f44-b4dc-51d00768696c.kql index 06ee3ae47..6dc5f9442 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/3f85a51c-e286-9f44-b4dc-51d00768696c.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/3f85a51c-e286-9f44-b4dc-51d00768696c.kql @@ -2,6 +2,7 @@ // Find VMSS instances associated with autoscale settings when predictiveAutoscalePolicy_scaleMode is disabled resources | where type == "microsoft.compute/virtualmachinescalesets" +| where isempty(tostring(tags['aks-managed-poolName'])) | project name, id, tags | join kind=leftouter ( resources diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/820f4743-1f94-e946-ae0b-45efafd87962.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/820f4743-1f94-e946-ae0b-45efafd87962.kql index a36a42bc9..b5ccb9fe8 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/820f4743-1f94-e946-ae0b-45efafd87962.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/820f4743-1f94-e946-ae0b-45efafd87962.kql @@ -2,6 +2,7 @@ // Find all VMs that do NOT have automatic repair policy enabled resources | where type == "microsoft.compute/virtualmachinescalesets" +| where isempty(tostring(tags['aks-managed-poolName'])) | where properties.automaticRepairsPolicy.enabled == false | project recommendationId = "820f4743-1f94-e946-ae0b-45efafd87962", name, id, tags, param1 = "automaticRepairsPolicy: Disabled" diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/94794d2a-eff0-2345-9b67-6f9349d0a627.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/94794d2a-eff0-2345-9b67-6f9349d0a627.kql index c0f7a0b2b..99b9115a0 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/94794d2a-eff0-2345-9b67-6f9349d0a627.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/94794d2a-eff0-2345-9b67-6f9349d0a627.kql @@ -2,9 +2,11 @@ // Find all VMs that do NOT have health monitoring enabled resources | where type == "microsoft.compute/virtualmachinescalesets" +| where isempty(tostring(tags['aks-managed-poolName'])) | join kind=leftouter ( resources | where type == "microsoft.compute/virtualmachinescalesets" + | where isempty(tostring(tags['aks-managed-poolName'])) | mv-expand extension=properties.virtualMachineProfile.extensionProfile.extensions | where extension.properties.type in ( "ApplicationHealthWindows", "ApplicationHealthLinux" ) | project id diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/e7495e1c-0c75-0946-b266-b429b5c7f3bf.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/e7495e1c-0c75-0946-b266-b429b5c7f3bf.kql index 71985a210..aeaa8607a 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/e7495e1c-0c75-0946-b266-b429b5c7f3bf.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/e7495e1c-0c75-0946-b266-b429b5c7f3bf.kql @@ -2,6 +2,7 @@ // Find all zonal VMs that are NOT deployed with Flex orchestration mode resources | where type == "microsoft.compute/virtualmachinescalesets" +| where isempty(tostring(tags['aks-managed-poolName'])) | where properties.orchestrationMode != "Flexible" | project recommendationId = "e7495e1c-0c75-0946-b266-b429b5c7f3bf", name, id, tags, param1 = strcat("orchestrationMode: ", tostring(properties.orchestrationMode)) diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/ee66ff65-9aa3-2345-93c1-25827cf79f44.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/ee66ff65-9aa3-2345-93c1-25827cf79f44.kql index 5c7adf8b4..4440490b0 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/ee66ff65-9aa3-2345-93c1-25827cf79f44.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/ee66ff65-9aa3-2345-93c1-25827cf79f44.kql @@ -2,6 +2,7 @@ // Find VMSS instances associated with autoscale settings when autoscale is disabled resources | where type == "microsoft.compute/virtualmachinescalesets" +| where isempty(tostring(tags['aks-managed-poolName'])) | project name, id, tags | join kind=leftouter ( resources