diff --git a/Definitions/policyAssignments/alerting-connectivity-policySet.jsonc b/Definitions/policyAssignments/alerting-connectivity-policySet.jsonc deleted file mode 100644 index 3a9bb54a..00000000 --- a/Definitions/policyAssignments/alerting-connectivity-policySet.jsonc +++ /dev/null @@ -1,305 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-Connectivity", - "displayName": "Deploy Azure Monitor Baseline Alerts for Connectivity", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-Connectivity", - "displayName": "Deploy Azure Monitor Baseline Alerts for Connectivity", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Network components such as Azure Firewalls, ExpressRoute, VPN, and Private DNS Zones." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "LBHealthProbeStatusWindowSize": "PT5M", - "ERGwExpressRouteCpuUtilThreshold": "80", - "AFWSNATPortUtilizationWindowSize": "PT5M", - "ERGwExpressRouteBitsInAlertState": "true", - "ALZMonitorResourceGroupLocation": "eastus", - "VPNGWEgressWindowSize": "PT5M", - "activityNSGDeletePolicyEffect": "deployIfNotExists", - "LBHealthProbeStatusAlertSeverity": "2", - "ERPRxLightLevelLowAlertSeverity": "1", - "LBDatapathAvailabilityAlertState": "true", - "PIPDDoSAttackWindowSize": "PT5M", - "PIPVIPAvailabilityThreshold": "1", - "VnetGwTunnelIngressPacketDropMismatchAlertSeverity": "3", - "VPNGWIngressPolicyEffect": "disabled", - "VnetGwTunnelEgressPacketDropMismatchPolicyEffect": "deployIfNotExists", - "VPNGWIngressWindowSize": "PT5M", - "VPNGWTunnelEgressPacketDropMismatchFrequency": "PT5M", - "ERGwExpressRouteCpuUtilAlertSeverity": "1", - "ERCIRQoSDropBitsinPerSecPolicyEffect": "deployIfNotExists", - "VPNGWTunnelEgressPacketDropCountAlertState": "true", - "VnetGwTunnelBWPolicyEffect": "deployIfNotExists", - "LBDatapathAvailabilityAlertSeverity": "0", - "VnetGwTunnelEgressThreshold": "1", - "LBUsedSNATPortsWindowSize": "PT5M", - "ERCIRBgpAvailabilityThreshold": "90", - "VnetGwTunnelBWWindowSize": "PT5M", - "VPNGwBGPPeerStatusAlertSeverity": "3", - "ERPTxLightLevelHighAlertSeverity": "1", - "ERGwExpressRouteBitsOutEvaluationFrequency": "PT5M", - "ERPBitsInPerSecondAlertSeverity": "0", - "ERPRxLightLevelLowWindowSize": "PT5M", - "PDNSZQueryVolumeAlertState": "true", - "LBGlobalBackendAvailabilityWindowSize": "PT5M", - "PIPPacketsInDDoSPolicyEffect": "disabled", - "PIPDDoSAttackEvaluationFrequency": "PT5M", - "VNETDDOSAttackPolicyEffect": "deployIfNotExists", - "ERCIRBgpAvailabilityPolicyEffect": "deployIfNotExists", - "LBHealthProbeStatusAlertState": "true", - "AFWSNATPortUtilizationPolicyEffect": "deployIfNotExists", - "VPNGWTunnelIngressPacketDropMismatchAlertState": "true", - "PIPPacketsInDDoSAlertSeverity": "4", - "ERGwExpressRouteBitsOutThreshold": "1", - "ERPTxLightLevelHighWindowSize": "PT5M", - "ERPTxLightLevelHighPolicyEffect": "deployIfNotExists", - "PIPPacketsInDDoSEvaluationFrequency": "PT5M", - "ERPRxLightLevelLowEvaluationFrequency": "PT1M", - "LBUsedSNATPortsEvaluationFrequency": "PT1M", - "VnetGwTunnelEgressPacketDropMismatchAlertState": "true", - "activityNSGDeleteAlertState": "true", - "LBHealthProbeStatusPolicyEffect": "deployIfNotExists", - "ERGwExpressRouteBitsOutPolicyEffect": "disabled", - "ERGwExpressRouteBitsInEvaluationFrequency": "PT5M", - "VnetGwTunnelEgressPacketDropMismatchEvaluationFrequency": "PT5M", - "VPNGWBandWidthUtilThreshold": "1", - "VPNGWTunnelEgressPacketDropMismatchAlertSeverity": "3", - "FirewallHealthAlertSeverity": "0", - "PIPDDoSAttackThreshold": "0", - "PDNSZCapacityUtilWindowSize": "PT1H", - "ERCIRQoSDropBitsoutPerSecAlertState": "true", - "PIPDDoSAttackAlertState": "true", - "PDNSZCapacityUtilEvaluationFrequency": "PT1H", - "ERPTxLightLevelLowAlertState": "true", - "VnetGwTunnelEgressPolicyEffect": "disabled", - "ERCIRQoSDropBitsoutPerSecWindowSize": "PT5M", - "VnetGwTunnelEgressAlertSeverity": "0", - "LBDatapathAvailabilityEvaluationFrequency": "PT1M", - "ERPTxLightLevelLowAlertSeverity": "1", - "ERCIRQoSDropBitsoutPerSecEvaluationFrequency": "PT5M", - "FirewallHealthAlertState": "true", - "ERPLineProtocolAlertState": "true", - "VnetGwERCpuUtilAlertSeverity": "3", - "VPNGWTunnelIngressPacketDropCountPolicyEffect": "deployIfNotExists", - "ERGwExpressRouteBitsInWindowSize": "PT5M", - "VnetGwTunnelIngressPacketDropMismatchPolicyEffect": "deployIfNotExists", - "PIPVIPAvailabilityWindowSize": "PT5M", - "ERPLineProtocolEvaluationFrequency": "PT1M", - "VPNGWTunnelIngressPacketDropCountAlertSeverity": "3", - "activityVPNGWDeleteAlertState": "true", - "VPNGWBandWidthUtilAlertState": "true", - "activityUDRUpdatePolicyEffect": "deployIfNotExists", - "PIPBytesInDDoSPolicyEffect": "disabled", - "VPNGWTunnelEgressPacketDropMismatchWindowSize": "PT5M", - "ERPBitsOutPerSecondPolicyEffect": "deployIfNotExists", - "ERCIRQoSDropBitsoutPerSecPolicyEffect": "deployIfNotExists", - "VnetGwTunnelEgressEvaluationFrequency": "PT5M", - "VnetGwTunnelEgressPacketDropCountPolicyEffect": "deployIfNotExists", - "VPNGWIngressAlertSeverity": "0", - "ERCIRQoSDropBitsinPerSecEvaluationFrequency": "PT5M", - "VPNGWTunnelIngressPacketDropMismatchAlertSeverity": "3", - "VnetGwERCpuUtilPolicyEffect": "deployIfNotExists", - "VnetGwTunnelIngressAlertState": "true", - "VPNGWTunnelIngressPacketDropMismatchPolicyEffect": "deployIfNotExists", - "VnetGwExpressRouteBitsPerSecondEvaluationFrequency": "PT1M", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "ERCIRQoSDropBitsinPerSecAlertState": "true", - "VnetGwERCpuUtilAlertState": "true", - "ERCIRBgpAvailabilityEvaluationFrequency": "PT1M", - "VnetGwTunnelEgressPacketDropCountWindowSize": "PT5M", - "VnetGwTunnelIngressAlertSeverity": "0", - "VnetGwExpressRouteBitsPerSecondAlertSeverity": "0", - "LBGlobalBackendAvailabilityAlertSeverity": "0", - "ERPTxLightLevelLowPolicyEffect": "deployIfNotExists", - "PIPBytesInDDoSAlertSeverity": "4", - "PDNSZQueryVolumePolicyEffect": "disabled", - "ERGwExpressRouteBitsInAlertSeverity": "0", - "activityFWDeleteAlertState": "true", - "ERGwExpressRouteBitsInPolicyEffect": "disabled", - "VnetGwTunnelIngressPacketDropCountEvaluationFrequency": "PT5M", - "VPNGWEgressThreshold": "1", - "PDNSZCapacityUtilAlertSeverity": "2", - "VnetGwTunnelIngressPacketDropMismatchEvaluationFrequency": "PT5M", - "ERPLineProtocolWindowSize": "PT5M", - "VnetGwERCpuUtilThreshold": "80", - "PDNSZRegistrationCapacityUtilAlertState": "true", - "VPNGWIngressAutoMitigate": "true", - "VPNGWTunnelEgressPacketDropMismatchAlertState": "true", - "VPNGWEgressEvaluationFrequency": "PT5M", - "LBDatapathAvailabilityPolicyEffect": "deployIfNotExists", - "ERCIRQoSDropBitsinPerSecWindowSize": "PT5M", - "VnetGwTunnelEgressAlertState": "true", - "PDNSZQueryVolumeAlertSeverity": "4", - "ERCIRQoSDropBitsoutPerSecAlertSeverity": "2", - "ERGwExpressRouteBitsOutWindowSize": "PT5M", - "activityVPNGWDeletePolicyEffect": "deployIfNotExists", - "VPNGWIngressEvaluationFrequency": "PT5M", - "VnetGwTunnelBWAlertState": "true", - "AFWSNATPortUtilizationFrequency": "PT1M", - "ERCIRBgpAvailabilityAlertState": "true", - "PDNSZRecordSetCapacityAlertSeverity": "2", - "VnetGwTunnelBWThreshold": "1", - "activityFWDeletePolicyEffect": "deployIfNotExists", - "VnetGwERCpuUtilEvaluationFrequency": "PT1M", - "ERCIRArpAvailabilityPolicyEffect": "deployIfNotExists", - "PIPPacketsInDDoSThreshold": "40000", - "FirewallHealthThreshold": "90", - "PIPPacketsInDDoSWindowSize": "PT5M", - "PDNSZRecordSetCapacityAlertState": "true", - "LBGlobalBackendAvailabilityEvaluationFrequency": "PT1M", - "ERPRxLightLevelHighWindowSize": "PT5M", - "LBUsedSNATPortsAlertSeverity": "1", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "PDNSZRegistrationCapacityUtilWindowSize": "PT1H", - "ERGwExpressRouteBitsOutAlertState": "true", - "ERPBitsOutPerSecondAlertSeverity": "0", - "PIPVIPAvailabilityPolicyEffect": "deployIfNotExists", - "PIPVIPAvailabilityAlertState": "true", - "ERPRxLightLevelHighAlertState": "true", - "ERPBitsInPerSecondEvaluationFrequency": "PT1M", - "AFWSNATPortUtilizationThreshold": "80", - "PIPBytesInDDoSWindowSize": "PT5M", - "VPNGwBGPPeerStatusThreshold": "1", - "VnetGwExpressRouteBitsPerSecondThreshold": "1", - "LBUsedSNATPortsPolicyEffect": "deployIfNotExists", - "ERPTxLightLevelLowWindowSize": "PT5M", - "VnetGwTunnelEgressPacketDropCountAlertState": "true", - "VPNGWBandWidthUtilAlertSeverity": "0", - "VPNGWEgressAlertSeverity": "0", - "VNETDDOSAttackThreshold": "1", - "VnetGwTunnelEgressPacketDropMismatchWindowSize": "PT5M", - "VPNGWTunnelEgressPacketDropMismatchPolicyEffect": "deployIfNotExists", - "ERGwExpressRouteCpuUtilWindowSize": "PT5M", - "VnetGwExpressRouteBitsPerSecondAlertState": "true", - "VnetGwTunnelIngressThreshold": "1", - "VnetGwExpressRouteBitsPerSecondWindowSize": "PT5M", - "ERPLineProtocolAlertSeverity": "0", - "VPNGwBGPPeerStatusEvaluationFrequency": "PT5M", - "ERCIRBgpAvailabilityAlertSeverity": "0", - "VnetGwTunnelEgressPacketDropCountEvaluationFrequency": "PT5M", - "ERCIRArpAvailabilityAlertSeverity": "0", - "VPNGWTunnelEgressPacketDropCountPolicyEffect": "deployIfNotExists", - "VPNGWBandWidthUtilPolicyEffect": "deployIfNotExists", - "ERPBitsInPerSecondPolicyEffect": "deployIfNotExists", - "ERPBitsOutPerSecondWindowSize": "PT5M", - "ERPRxLightLevelHighPolicyEffect": "deployIfNotExists", - "VPNGWTunnelEgressPacketDropCountAlertSeverity": "3", - "VnetGwTunnelIngressPacketDropMismatchWindowSize": "PT5M", - "ERPLineProtocolPolicyEffect": "deployIfNotExists", - "VPNGwBGPPeerStatusWindowSize": "PT5M", - "PIPBytesInDDoSThreshold": "8000000", - "ERPRxLightLevelLowPolicyEffect": "deployIfNotExists", - "ERGwExpressRouteCpuUtilEvaluationFrequency": "PT1M", - "PDNSZRecordSetCapacityWindowSize": "PT1H", - "LBUsedSNATPortsAlertState": "true", - "PDNSZRecordSetCapacityPolicyEffect": "deployIfNotExists", - "PIPVIPAvailabilityEvaluationFrequency": "PT1M", - "VPNGWBandWidthUtilWindowSize": "PT5M", - "ERPRxLightLevelLowAlertState": "true", - "VPNGwBGPPeerStatusPolicyEffect": "deployIfNotExists", - "PDNSZCapacityUtilThreshold": "80", - "PIPDDoSAttackPolicyEffect": "deployIfNotExists", - "FirewallHealthEvaluationFrequency": "PT1M", - "PDNSZCapacityUtilPolicyEffect": "deployIfNotExists", - "PIPPacketsInDDoSAlertState": "true", - "ERCIRArpAvailabilityThreshold": "90", - "ERGwExpressRouteBitsOutAlertSeverity": "0", - "VPNGwBGPPeerStatusAlertState": "true", - "VPNGWTunnelIngressPacketDropCountAlertState": "true", - "VPNGWIngressAlertState": "true", - "ERPRxLightLevelHighEvaluationFrequency": "PT1M", - "ERCIRBgpAvailabilityWindowSize": "PT5M", - "ERPRxLightLevelHighAlertSeverity": "1", - "ERGwExpressRouteCpuUtilAlertState": "true", - "VPNGWEgressAlertState": "true", - "LBGlobalBackendAvailabilityPolicyEffect": "deployIfNotExists", - "ERPBitsOutPerSecondAlertState": "true", - "VnetGwTunnelEgressPacketDropCountAlertSeverity": "1", - "PDNSZQueryVolumeThreshold": "500", - "PIPDDoSAttackAlertSeverity": "1", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "ERPTxLightLevelLowEvaluationFrequency": "PT1M", - "VnetGwTunnelEgressPacketDropMismatchAlertSeverity": "3", - "PIPBytesInDDoSEvaluationFrequency": "PT5M", - "VPNGWTunnelIngressPacketDropMismatchFrequency": "PT5M", - "VPNGWEgressPolicyEffect": "disabled", - "ALZMonitorDisableTagName": "MonitorDisable", - "VnetGwExpressRouteBitsPerSecondPolicyEffect": "deployIfNotExists", - "VPNGWTunnelIngressPacketDropCountFrequency": "PT5M", - "VPNGWIngressThreshold": "1", - "PIPBytesInDDoSAlertState": "true", - "VPNGWTunnelEgressPacketDropCountWindowSize": "PT5M", - "LBHealthProbeStatusEvaluationFrequency": "PT1M", - "VNETDDOSAttackAlertState": "true", - "PIPVIPAvailabilityAlertSeverity": "1", - "VnetGwTunnelIngressWindowSize": "PT5M", - "VPNGWTunnelIngressPacketDropMismatchWindowSize": "PT5M", - "PDNSZRecordSetCapacityEvaluationFrequency": "PT1H", - "AFWSNATPortUtilizationAlertState": "true", - "PDNSZRegistrationCapacityUtilAlertSeverity": "2", - "ERPBitsInPerSecondAlertState": "true", - "VnetGwTunnelIngressPacketDropCountAlertSeverity": "3", - "VNETDDOSAttackAlertSeverity": "1", - "ERCIRQoSDropBitsinPerSecAlertSeverity": "2", - "VNETDDOSAttackEvaluationFrequency": "PT1M", - "VPNGWBandWidthUtilEvaluationFrequency": "PT5M", - "FirewallHealthPolicyEffect": "deployIfNotExists", - "VnetGwTunnelIngressPacketDropCountWindowSize": "PT5M", - "ERPTxLightLevelHighAlertState": "true", - "FirewallHealthWindowSize": "PT5M", - "LBGlobalBackendAvailabilityAlertState": "true", - "ERPBitsOutPerSecondEvaluationFrequency": "PT1M", - "VPNGWTunnelIngressPacketDropCountWindowSize": "PT5M", - "ERCIRArpAvailabilityFrequency": "PT1M", - "ERGwExpressRouteBitsInThreshold": "1", - "PDNSZRecordSetCapacityThreshold": "80", - "VnetGwTunnelIngressPacketDropCountPolicyEffect": "deployIfNotExists", - "LBDatapathAvailabilityWindowSize": "PT5M", - "ERCIRArpAvailabilityWindowSize": "PT5M", - "VnetGwERCpuUtilWindowSize": "PT5M", - "VnetGwTunnelIngressPolicyEffect": "disabled", - "VNETDDOSAttackWindowSize": "PT5M", - "VPNGWTunnelEgressPacketDropCountFrequency": "PT5M", - "ERPBitsInPerSecondWindowSize": "PT5M", - "VnetGwTunnelIngressPacketDropMismatchAlertState": "true", - "ERGwExpressRouteCpuUtilPolicyEffect": "deployIfNotExists", - "VnetGwTunnelIngressEvaluationFrequency": "PT5M", - "PDNSZRegistrationCapacityUtilThreshold": "80", - "ERPTxLightLevelHighEvaluationFrequency": "PT1M", - "activityUDRUpdateAlertState": "true", - "VnetGwTunnelIngressPacketDropCountAlertState": "true", - "PDNSZCapacityUtilAlertState": "true", - "VnetGwTunnelEgressWindowSize": "PT5M", - "ERCIRArpAvailabilityAlertState": "true", - "VnetGwTunnelBWAlertSeverity": "0", - "PDNSZQueryVolumeEvaluationFrequency": "PT1H", - "PDNSZQueryVolumeWindowSize": "PT1H", - "AFWSNATPortUtilizationAlertSeverity": "1", - "VnetGwTunnelBWEvaluationFrequency": "PT1M", - "PDNSZRegistrationCapacityUtilPolicyEffect": "deployIfNotExists", - "PDNSZRegistrationCapacityUtilEvaluationFrequency": "PT1H" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-connectivity" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-hybridvm-policySet.jsonc b/Definitions/policyAssignments/alerting-hybridvm-policySet.jsonc deleted file mode 100644 index 821a1e6b..00000000 --- a/Definitions/policyAssignments/alerting-hybridvm-policySet.jsonc +++ /dev/null @@ -1,216 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-HybridVM", - "displayName": "Deploy Azure Monitor Baseline Alerts for Hybrid VMs", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-HybridVM", - "displayName": "Deploy Azure Monitor Baseline Alerts for Hybrid VMs", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Azure Arc-enabled Servers." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "HybridVMHeartBeatRGWindowSize": "PT6H", - "HybridVMNetworkInWindowSize": "PT15M", - "ALZMonitorResourceGroupLocation": "eastus", - "HybridVMHeartBeatRGEvaluationFrequency": "PT5M", - "HybridVMOSDiskReadLatencyFailingPeriods": "1", - "HybridVMNetworkOutEvaluationFrequency": "PT5M", - "HybridVMPercentMemoryAutoResolveTime": "00:10:00", - "HybridVMHeartBeatRGPolicyEffect": "deployIfNotExists", - "HybridVMDataDiskWriteLatencyPolicyEffect": "deployIfNotExists", - "HybridVMDataDiskWriteLatencyComputersToInclude": [ - "*" - ], - "HybridVMOSDiskWriteLatencyAutoMitigate": "true", - "HybridVMPercentMemoryOperator": "GreaterThan", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "HybridVMPercentCPUFailingPeriods": "1", - "HybridVMOSDiskWriteLatencyEvaluationFrequency": "PT5M", - "HybridVMOSDiskReadLatencyAutoResolveTime": "00:10:00", - "HybridVMDisconnectedAlertAutoMitigate": "false", - "HybridVMDisconnectedAlertEvaluationFrequency": "PT10M", - "HybridVMHeartBeatRGFailingPeriods": "1", - "HybridVMDataDiskWriteLatencyAutoResolveTime": "00:10:00", - "HybridVMDataDiskWriteLatencyAlertSeverity": "2", - "HybridVMPercentMemoryAutoMitigate": "true", - "HybridVMDataDiskWriteLatencyAlertState": "true", - "HybridVMPercentCPUPolicyEffect": "deployIfNotExists", - "HybridVMPercentMemoryThreshold": "10", - "HybridVMNetworkOutWindowSize": "PT15M", - "HybridVMDataDiskSpaceWindowSize": "PT15M", - "HybridVMPercentCPUAlertSeverity": "2", - "HybridVMOSDiskSpacePolicyEffect": "deployIfNotExists", - "HybridVMDataDiskReadLatencyAlertSeverity": "2", - "HybridVMDataDiskWriteLatencyEvaluationPeriods": "1", - "HybridVMDataDiskReadLatencyAutoResolve": "true", - "HybridVMDataDiskReadLatencyAutoResolveTime": "00:10:00", - "HybridVMOSDiskReadLatencyAutoResolve": "true", - "HybridVMNetworkInEvaluationFrequency": "PT5M", - "HybridVMNetworkOutAlertState": "true", - "HybridVMDataDiskSpaceTimeAggregation": "Count", - "HybridVMOSDiskWriteLatencyEvaluationPeriods": "1", - "HybridVMOSDiskReadLatencyComputersToInclude": [ - "*" - ], - "HybridVMDataDiskReadLatencyTimeAggregation": "Count", - "HybridVMPercentMemoryFailingPeriods": "1", - "HybridVMOSDiskReadLatencyWindowSize": "PT15M", - "HybridVMOSDiskReadLatencyThreshold": "30", - "HybridVMHeartBeatRGOperator": "GreaterThan", - "HybridVMOSDiskSpaceAutoResolve": "true", - "HybridVMPercentCPUEvaluationFrequency": "PT5M", - "HybridVMOSDiskReadLatencyTimeAggregation": "Count", - "HybridVMHeartBeatRGAutoMitigate": "true", - "HybridVMOSDiskSpaceThreshold": "10", - "HybridVMDataDiskWriteLatencyOperator": "GreaterThan", - "HybridVMDataDiskSpaceFailingPeriods": "1", - "HybridVMNetworkOutEvaluationPeriods": "1", - "HybridVMOSDiskWriteLatencyAutoResolve": "true", - "HybridVMNetworkOutAutoMitigate": "true", - "ALZUserAssignedManagedIdentityName": "id-amba-prod-001", - "HybridVMHeartBeatRGTimeAggregation": "Count", - "HybridVMDisconnectedAlertEvaluationPeriods": "1", - "HybridVMDataDiskSpaceAutoResolve": "true", - "HybridVMOSDiskWriteLatencyComputersToInclude": [ - "*" - ], - "HybridVMOSDiskReadLatencyAlertSeverity": "2", - "HybridVMNetworkOutAutoResolve": "true", - "HybridVMOSDiskWriteLatencyAlertState": "true", - "HybridVMOSDiskSpaceEvaluationFrequency": "PT5M", - "HybridVMPercentMemoryTimeAggregation": "Count", - "HybridVMPercentCPUWindowSize": "PT15M", - "HybridVMPercentMemoryEvaluationFrequency": "PT5M", - "HybridVMPercentMemoryWindowSize": "PT15M", - "HybridVMDisconnectedAlertState": "true", - "HybridVMHeartBeatRGAutoResolveTime": "00:10:00", - "HybridVMOSDiskReadLatencyPolicyEffect": "deployIfNotExists", - "HybridVMPercentCPUAutoResolveTime": "00:10:00", - "HybridVMOSDiskSpaceFailingPeriods": "1", - "HybridVMDisconnectedAlertSeverity": "1", - "HybridVMOSDiskWriteLatencyAutoResolveTime": "00:10:00", - "HybridVMOSDiskWriteLatencyThreshold": "30", - "HybridVMPercentCPUThreshold": "85", - "HybridVMNetworkInTimeAggregation": "Count", - "HybridVMPercentMemoryAlertState": "true", - "HybridVMDataDiskSpaceEvaluationFrequency": "PT5M", - "HybridVMDisconnectedAlertOperator": "GreaterThan", - "HybridVMDisconnectedAlertWindowSize": "P1D", - "HybridVMDataDiskReadLatencyAutoMitigate": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "HybridVMOSDiskWriteLatencyWindowSize": "PT15M", - "HybridVMOSDiskReadLatencyAutoMitigate": "true", - "HybridVMPercentMemoryAlertSeverity": "2", - "HybridVMDataDiskWriteLatencyWindowSize": "PT15M", - "HybridVMDataDiskReadLatencyOperator": "GreaterThan", - "HybridVMOSDiskWriteLatencyOperator": "GreaterThan", - "HybridVMNetworkOutAutoResolveTime": "00:10:00", - "HybridVMDataDiskSpaceAutoResolveTime": "00:10:00", - "HybridVMDisconnectedAlertThreshold": "10m", - "HybridVMDataDiskSpacePolicyEffect": "deployIfNotExists", - "HybridVMOSDiskReadLatencyAlertState": "true", - "HybridVMOSDiskSpaceAutoMitigate": "true", - "HybridVMHeartBeatRGAutoResolve": "true", - "HybridVMOSDiskSpaceAutoResolveTime": "00:10:00", - "HybridVMOSDiskWriteLatencyPolicyEffect": "deployIfNotExists", - "HybridVMDataDiskWriteLatencyAutoMitigate": "true", - "BYOUserAssignedManagedIdentityResourceId": "", - "HybridVMPercentCPUAlertState": "true", - "HybridVMOSDiskWriteLatencyAlertSeverity": "2", - "HybridVMHeartBeatRGAlertSeverity": "1", - "HybridVMPercentMemoryPolicyEffect": "deployIfNotExists", - "HybridVMOSDiskReadLatencyOperator": "GreaterThan", - "HybridVMOSDiskWriteLatencyTimeAggregation": "Count", - "HybridVMOSDiskSpaceTimeAggregation": "Count", - "HybridVMPercentCPUAutoResolve": "true", - "HybridVMNetworkInAlertState": "true", - "HybridVMHeartBeatRGThreshold": "10", - "HybridVMDataDiskSpaceOperator": "GreaterThan", - "HybridVMDataDiskReadLatencyFailingPeriods": "1", - "HybridVMPercentCPUAutoMitigate": "true", - "HybridVMDataDiskReadLatencyPolicyEffect": "deployIfNotExists", - "HybridVMNetworkOutThreshold": "10000000", - "HybridVMPercentCPUOperator": "GreaterThan", - "HybridVMDataDiskWriteLatencyTimeAggregation": "Count", - "HybridVMNetworkOutFailingPeriods": "1", - "HybridVMOSDiskWriteLatencyFailingPeriods": "1", - "HybridVMDataDiskWriteLatencyEvaluationFrequency": "PT5M", - "HybridVMPercentMemoryAutoResolve": "true", - "HybridVMOSDiskSpaceComputersToInclude": [ - "*" - ], - "HybridVMDisconnectedAlertTimeAggregation": "Count", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "HybridVMOSDiskReadLatencyEvaluationPeriods": "1", - "HybridVMDataDiskReadLatencyEvaluationPeriods": "1", - "HybridVMPercentCPUTimeAggregation": "Count", - "ALZMonitorDisableTagName": "MonitorDisable", - "HybridVMOSDiskSpaceOperator": "GreaterThan", - "HybridVMDataDiskReadLatencyWindowSize": "PT15M", - "HybridVMNetworkInAlertSeverity": "2", - "HybridVMDisconnectedAlertPolicyEffect": "deployIfNotExists", - "HybridVMDataDiskWriteLatencyAutoResolve": "true", - "HybridVMNetworkInThreshold": "10000000", - "HybridVMDataDiskSpaceAlertState": "true", - "HybridVMDataDiskReadLatencyComputersToInclude": [ - "*" - ], - "HybridVMNetworkOutPolicyEffect": "deployIfNotExists", - "HybridVMNetworkInAutoResolveTime": "00:10:00", - "HybridVMDataDiskWriteLatencyThreshold": "30", - "HybridVMDataDiskWriteLatencyFailingPeriods": "1", - "HybridVMNetworkInOperator": "GreaterThan", - "HybridVMDataDiskReadLatencyThreshold": "30", - "HybridVMNetworkInEvaluationPeriods": "1", - "HybridVMDataDiskSpaceAutoMitigate": "true", - "HybridVMNetworkOutComputersToInclude": [ - "*" - ], - "HybridVMOSDiskSpaceEvaluationPeriods": "1", - "HybridVMOSDiskSpaceAlertState": "true", - "HybridVMDataDiskReadLatencyAlertState": "true", - "HybridVMNetworkOutTimeAggregation": "Count", - "HybridVMDisconnectedAlertFailingPeriods": "1", - "HybridVMNetworkInComputersToInclude": [ - "*" - ], - "HybridVMOSDiskSpaceAlertSeverity": "2", - "HybridVMHeartBeatRGAlertState": "true", - "HybridVMDataDiskSpaceEvaluationPeriods": "1", - "HybridVMNetworkInAutoResolve": "true", - "HybridVMNetworkOutAlertSeverity": "2", - "HybridVMDataDiskSpaceThreshold": "10", - "HybridVMNetworkInPolicyEffect": "deployIfNotExists", - "HybridVMDataDiskSpaceAlertSeverity": "2", - "ALZManagementSubscriptionId": "8da8d616-a90e-446a-9098-ad7381ce56a7", - "HybridVMNetworkInAutoMitigate": "true", - "HybridVMOSDiskReadLatencyEvaluationFrequency": "PT5M", - "HybridVMNetworkOutOperator": "GreaterThan", - "HybridVMDataDiskReadLatencyEvaluationFrequency": "PT5M", - "HybridVMNetworkInFailingPeriods": "1", - "HybridVMOSDiskSpaceWindowSize": "PT15M" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-identity-policySet.jsonc b/Definitions/policyAssignments/alerting-identity-policySet.jsonc deleted file mode 100644 index 52d94e53..00000000 --- a/Definitions/policyAssignments/alerting-identity-policySet.jsonc +++ /dev/null @@ -1,80 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-Identity", - "displayName": "Deploy Azure Monitor Baseline Alerts for Identity", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-Identity", - "displayName": "Deploy Azure Monitor Baseline Alerts for Identity", - "description": "Initiative to deploy AMBA alerts relevant to the ALZ Identity management group" - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "KVCapacityEvaluationFrequency": "PT1M", - "KVCapacityAlertState": "true", - "KVCapacityWindowSize": "PT5M", - "HSMsLatencyAvailabilityAlertState": "true", - "KvAvailabilityPolicyEffect": "disabled", - "KVCapacityPolicyEffect": "disabled", - "KvAvailabilityEvaluationFrequency": "PT1M", - "KVRequestWindowSize": "PT5M", - "KVCapacityAlertSeverity": "1", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "HSMsAvailabilityAlertState": "true", - "ALZMonitorResourceGroupLocation": "eastus", - "HSMsLatencyAvailabilityPolicyEffect": "disabled", - "KvLatencyAvailabilityPolicyEffect": "disabled", - "KvLatencyAvailabilityEvaluationFrequency": "PT5M", - "KVCapacityThreshold": "75", - "activityHSMsDeletePolicyEffect": "deployIfNotExists", - "KVRequestEvaluationFrequency": "PT5M", - "KVRequestPolicyEffect": "disabled", - "KvLatencyAvailabilityAlertState": "true", - "KVRequestAlertSeverity": "2", - "HSMsAvailabilityPolicyEffect": "disabled", - "HSMsLatencyAvailabilityThreshold": "1000", - "KvAvailabilityAlertState": "true", - "activityKVDeletePolicyEffect": "deployIfNotExists", - "KVAvailabilityThreshold": "20", - "HSMsLatencyAvailabilityAlertSeverity": "3", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "HSMsLatencyAvailabilityEvaluationFrequency": "PT5M", - "activityKVDeleteAlertState": "true", - "activityHSMsDeleteAlertState": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "KvAvailabilityWindowSize": "PT1M", - "HSMsLatencyAvailabilityWindowSize": "PT5M", - "KvLatencyAvailabilityAlertSeverity": "3", - "KvAvailabilityAlertSeverity": "1", - "KvLatencyAvailabilityThreshold": "1000", - "HSMsAvailabilityThreshold": "20", - "KvLatencyAvailabilityWindowSize": "PT5M", - "HSMsAvailabilityEvaluationFrequency": "PT1M", - "KVRequestAlertState": "true", - "HSMsAvailabilityAlertSeverity": "1", - "HSMsAvailabilityWindowSize": "PT1M", - "ALZMonitorDisableTagName": "MonitorDisable" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-identity" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-keymanagement-policySet.jsonc b/Definitions/policyAssignments/alerting-keymanagement-policySet.jsonc deleted file mode 100644 index 7c90c9a6..00000000 --- a/Definitions/policyAssignments/alerting-keymanagement-policySet.jsonc +++ /dev/null @@ -1,80 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-KeyManagement", - "displayName": "Deploy Azure Monitor Baseline Alerts for Key Management", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-KeyMgmt", - "displayName": "Deploy Azure Monitor Baseline Alerts for Key Management", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Key Management Services such as Azure Key Vault, and Managed HSM." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "KVCapacityEvaluationFrequency": "PT1M", - "KVCapacityAlertState": "true", - "KVCapacityWindowSize": "PT5M", - "HSMsLatencyAvailabilityAlertState": "true", - "KvAvailabilityPolicyEffect": "disabled", - "KVCapacityPolicyEffect": "disabled", - "KvAvailabilityEvaluationFrequency": "PT1M", - "KVRequestWindowSize": "PT5M", - "KVCapacityAlertSeverity": "1", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "HSMsAvailabilityAlertState": "true", - "ALZMonitorResourceGroupLocation": "eastus", - "HSMsLatencyAvailabilityPolicyEffect": "disabled", - "KvLatencyAvailabilityPolicyEffect": "disabled", - "KvLatencyAvailabilityEvaluationFrequency": "PT5M", - "KVCapacityThreshold": "75", - "activityHSMsDeletePolicyEffect": "deployIfNotExists", - "KVRequestEvaluationFrequency": "PT5M", - "KVRequestPolicyEffect": "disabled", - "KvLatencyAvailabilityAlertState": "true", - "KVRequestAlertSeverity": "2", - "HSMsAvailabilityPolicyEffect": "disabled", - "HSMsLatencyAvailabilityThreshold": "1000", - "KvAvailabilityAlertState": "true", - "activityKVDeletePolicyEffect": "deployIfNotExists", - "KVAvailabilityThreshold": "20", - "HSMsLatencyAvailabilityAlertSeverity": "3", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "HSMsLatencyAvailabilityEvaluationFrequency": "PT5M", - "activityKVDeleteAlertState": "true", - "activityHSMsDeleteAlertState": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "KvAvailabilityWindowSize": "PT1M", - "HSMsLatencyAvailabilityWindowSize": "PT5M", - "KvLatencyAvailabilityAlertSeverity": "3", - "KvAvailabilityAlertSeverity": "1", - "KvLatencyAvailabilityThreshold": "1000", - "HSMsAvailabilityThreshold": "20", - "KvLatencyAvailabilityWindowSize": "PT5M", - "HSMsAvailabilityEvaluationFrequency": "PT1M", - "KVRequestAlertState": "true", - "HSMsAvailabilityAlertSeverity": "1", - "HSMsAvailabilityWindowSize": "PT1M", - "ALZMonitorDisableTagName": "MonitorDisable" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-loadbalancing-policySet.jsonc b/Definitions/policyAssignments/alerting-loadbalancing-policySet.jsonc deleted file mode 100644 index 6a92a640..00000000 --- a/Definitions/policyAssignments/alerting-loadbalancing-policySet.jsonc +++ /dev/null @@ -1,165 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-LoadBalancing", - "displayName": "Deploy Azure Monitor Baseline Alerts for Load Balancing", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-LoadBalance", - "displayName": "Deploy Azure Monitor Baseline Alerts for Load Balancing", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Load Balancing Services such as Load Balancer, Application Gateway, Traffic Manager, and Azure Front Door." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "AGWApplicationGatewayTotalTimeEvaluationFrequency": "PT1M", - "AGWBackendLastByteResponseTimeAlertSeverity": "2", - "AGWCapacityUnitsAlertSeverity": "2", - "PIPDDoSAttackAlertState": "true", - "CDNPPercentage5XXAlertState": "true", - "TMEndpointHealthWindowSize": "PT5M", - "AGWCPUUtilAlertSeverity": "2", - "TMEndpointHealthAlertSeverity": "2", - "CDNPOriginHealthPercentageEvaluationFrequency": "PT1M", - "LBHealthProbeStatusPolicyEffect": "deployIfNotExists", - "LBGlobalBackendAvailabilityWindowSize": "PT5M", - "CDNPOriginLatencyWindowSize": "PT5M", - "VNETDDOSAttackPolicyEffect": "deployIfNotExists", - "CDNPPercentage5XXPolicyEffect": "deployIfNotExists", - "AGWFailedRequestsPolicyEffect": "deployIfNotExists", - "LBGlobalBackendAvailabilityAlertSeverity": "0", - "LBDatapathAvailabilityAlertSeverity": "0", - "FDBackendRequestLatencyWindowSize": "PT5M", - "AGWBackendLastByteResponseTimeEvaluationFrequency": "PT1M", - "LBHealthProbeStatusWindowSize": "PT5M", - "AGWBackendLastByteResponseTimeWindowSize": "PT5M", - "AGWComputeUnitsAlertSeverity": "2", - "AGWFailedRequestsEvaluationFrequency": "PT1M", - "CDNPOriginLatencyEvaluationFrequency": "PT1M", - "VNETDDOSAttackAlertState": "true", - "TMEndpointHealthAlertState": "true", - "PIPPacketsInDDoSThreshold": "40000", - "TMEndpointHealthPolicyEffect": "deployIfNotExists", - "AGWFailedRequestsAlertSeverity": "2", - "AGWApplicationGatewayTotalTimeWindowSize": "PT5M", - "FDBackendHealthAlertSeverity": "2", - "LBDatapathAvailabilityPolicyEffect": "deployIfNotExists", - "VNETDDOSAttackEvaluationFrequency": "PT1M", - "LBHealthProbeStatusEvaluationFrequency": "PT1M", - "PIPPacketsInDDoSAlertState": "true", - "FDBackendRequestLatencyEvaluationFrequency": "PT1M", - "PIPVIPAvailabilityAlertState": "true", - "AGWCPUUtilAlertState": "true", - "CDNPPercentage4XXWindowSize": "PT5M", - "FDBackendHealthAlertState": "true", - "PIPVIPAvailabilityWindowSize": "PT5M", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "LBUsedSNATPortsPolicyEffect": "deployIfNotExists", - "CDNPPercentage5XXWindowSize": "PT5M", - "FDBackendRequestLatencyPolicyEffect": "deployIfNotExists", - "PIPVIPAvailabilityAlertSeverity": "1", - "AGWResponseStatusEvaluationFrequency": "PT1M", - "AGWFailedRequestsAlertSensitivity": "Medium", - "VNETDDOSAttackThreshold": "1", - "LBUsedSNATPortsAlertSeverity": "1", - "AGWCapacityUnitsWindowSize": "PT5M", - "PIPPacketsInDDoSWindowSize": "PT5M", - "FDBackendRequestLatencyAlertState": "true", - "AGWCPUUtilEvaluationFrequency": "PT1M", - "AGWComputeUnitsAlertState": "true", - "PIPPacketsInDDoSEvaluationFrequency": "PT5M", - "AGWCapacityUnitsAlertState": "true", - "AGWUnhealthyHostCountAlertState": "true", - "CDNPPercentage5XXEvaluationFrequency": "PT1M", - "AGWComputeUnitsPolicyEffect": "deployIfNotExists", - "CDNPOriginHealthPercentagePolicyEffect": "deployIfNotExists", - "AGWCapacityUnitsEvaluationFrequency": "PT1M", - "AGWUnhealthyHostCountAlertSeverity": "2", - "AGWUnhealthyHostCountEvaluationFrequency": "PT1M", - "PIPPacketsInDDoSPolicyEffect": "disabled", - "AGWResponseStatusAlertState": "true", - "AGWUnhealthyHostCountPolicyEffect": "deployIfNotExists", - "AGWFailedRequestsWindowSize": "PT5M", - "PIPDDoSAttackAlertSeverity": "1", - "LBDatapathAvailabilityWindowSize": "PT5M", - "AGWCPUUtilPolicyEffect": "deployIfNotExists", - "PIPVIPAvailabilityPolicyEffect": "deployIfNotExists", - "LBGlobalBackendAvailabilityAlertState": "true", - "LBGlobalBackendAvailabilityPolicyEffect": "deployIfNotExists", - "PIPPacketsInDDoSAlertSeverity": "4", - "PIPBytesInDDoSAlertState": "true", - "PIPVIPAvailabilityEvaluationFrequency": "PT1M", - "VNETDDOSAttackAlertSeverity": "1", - "AGWCPUUtilWindowSize": "PT5M", - "AGWApplicationGatewayTotalTimeAlertState": "true", - "PIPDDoSAttackThreshold": "0", - "LBUsedSNATPortsAlertState": "true", - "AGWFailedRequestsAlertState": "true", - "PIPBytesInDDoSEvaluationFrequency": "PT5M", - "AGWComputeUnitsEvaluationFrequency": "PT1M", - "LBDatapathAvailabilityAlertState": "true", - "CDNPOriginLatencyAlertState": "true", - "FDBackendRequestLatencyAlertSeverity": "2", - "CDNPOriginLatencyPolicyEffect": "disabled", - "AGWResponseStatusPolicyEffect": "deployIfNotExists", - "FDBackendHealthPolicyEffect": "deployIfNotExists", - "AGWResponseStatusAlertSensitivity": "Medium", - "PIPDDoSAttackPolicyEffect": "deployIfNotExists", - "CDNPPercentage4XXAlertState": "true", - "LBHealthProbeStatusAlertSeverity": "2", - "FDBackendHealthEvaluationFrequency": "PT1M", - "CDNPPercentage4XXPolicyEffect": "deployIfNotExists", - "VNETDDOSAttackWindowSize": "PT5M", - "PIPBytesInDDoSThreshold": "8000000", - "LBHealthProbeStatusAlertState": "true", - "AGWComputeUnitsWindowSize": "PT5M", - "AGWBackendLastByteResponseTimePolicyEffect": "deployIfNotExists", - "CDNPPercentage4XXEvaluationFrequency": "PT1M", - "AGWResponseStatusWindowSize": "PT5M", - "CDNPOriginHealthPercentageAlertState": "true", - "AGWCapacityUnitsPolicyEffect": "deployIfNotExists", - "AGWApplicationGatewayTotalTimeAlertSensitivity": "Medium", - "CDNPOriginLatencyAlertSeverity": "2", - "LBUsedSNATPortsEvaluationFrequency": "PT1M", - "LBGlobalBackendAvailabilityEvaluationFrequency": "PT1M", - "AGWResponseStatusAlertSeverity": "2", - "PIPDDoSAttackEvaluationFrequency": "PT5M", - "LBUsedSNATPortsWindowSize": "PT5M", - "CDNPPercentage5XXAlertSeverity": "2", - "FDBackendHealthWindowSize": "PT5M", - "PIPBytesInDDoSAlertSeverity": "4", - "CDNPOriginHealthPercentageWindowSize": "PT5M", - "LBDatapathAvailabilityEvaluationFrequency": "PT1M", - "PIPBytesInDDoSPolicyEffect": "disabled", - "PIPDDoSAttackWindowSize": "PT5M", - "AGWApplicationGatewayTotalTimePolicyEffect": "deployIfNotExists", - "AGWBackendLastByteResponseTimeAlertSensitivity": "Medium", - "PIPVIPAvailabilityThreshold": "1", - "ALZMonitorDisableTagName": "MonitorDisable", - "AGWApplicationGatewayTotalTimeAlertSeverity": "2", - "CDNPOriginHealthPercentageAlertSeverity": "2", - "TMEndpointHealthEvaluationFrequency": "PT1M", - "PIPBytesInDDoSWindowSize": "PT5M", - "AGWBackendLastByteResponseTimeAlertState": "true", - "CDNPPercentage4XXAlertSeverity": "2", - "AGWUnhealthyHostCountWindowSize": "PT5M" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-management-policySet.jsonc b/Definitions/policyAssignments/alerting-management-policySet.jsonc deleted file mode 100644 index 6092d97c..00000000 --- a/Definitions/policyAssignments/alerting-management-policySet.jsonc +++ /dev/null @@ -1,74 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-Management", - "displayName": "Deploy Azure Monitor Baseline Alerts for Management", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-Management", - "displayName": "Deploy Azure Monitor Baseline Alerts for Management", - "description": "Initiative to deploy AMBA alerts relevant to the ALZ Management management group" - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "activityLAWKeyRegenAlertState": "true", - "activityLAWDeleteAlertState": "true", - "StorageAccountDeleteAlertState": "true", - "StorageAccountAvailabilityThreshold": "90", - "AATotalJobAlertSeverity": "2", - "LAWDailyCapLimitFailingPeriods": "1", - "ALZManagementSubscriptionId": "8da8d616-a90e-446a-9098-ad7381ce56a7", - "LAWDailyCapLimitTimeAggregation": "Count", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "StorageAccountAvailabilityWindowSize": "PT5M", - "AATotalJobAlertWindowSize": "PT5M", - "ALZUserAssignedManagedIdentityName": "id-amba-prod-001", - "ALZMonitorResourceGroupLocation": "eastus", - "BYOUserAssignedManagedIdentityResourceId": "", - "ALZMonitorDisableTagName": "MonitorDisable", - "RVBackupHealthMonitorPolicyEffect": "modify", - "LAWDailyCapLimitPolicyEffect": "deployIfNotExists", - "StorageAccountAvailabilityFrequency": "PT5M", - "AATotalJobAlertEvaluationFrequency": "PT1M", - "LAWDailyCapLimitEvaluationFrequency": "PT5M", - "LAWDailyCapLimitSeverity": "1", - "LAWDailyCapLimitWindowSize": "PT5M", - "StorageAccountAvailabilityAlertState": "true", - "StorageAccountAvailabilityPolicyEffect": "deployIfNotExists", - "StorageAccountAvailabilityAlertSeverity": "1", - "StorageAccountDeletePolicyEffect": "deployIfNotExists", - "activityLAWKeyRegenPolicyEffect": "deployIfNotExists", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "LAWDailyCapLimitEvaluationPeriods": "1", - "AATotalJobAlertAlertState": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "LAWDailyCapLimitAutoMitigate": "true", - "activityLAWDeletePolicyEffect": "deployIfNotExists", - "LAWDailyCapLimitThreshold": "0", - "AATotalJobAlertPolicyEffect": "deployIfNotExists", - "LAWDailyCapLimitAlertState": "true", - "AATotalJobAlertThreshold": "20", - "LAWDailyCapLimitOperator": "GreaterThan" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-management" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-networkchanges-policySet.jsonc b/Definitions/policyAssignments/alerting-networkchanges-policySet.jsonc deleted file mode 100644 index f3b2c8fa..00000000 --- a/Definitions/policyAssignments/alerting-networkchanges-policySet.jsonc +++ /dev/null @@ -1,45 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-NetworkChanges", - "displayName": "Deploy Azure Monitor Baseline Alerts for Changes in Network Routing and Security", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-NetworkChang", - "displayName": "Deploy Azure Monitor Baseline Alerts for Changes in Network Routing and Security", - "description": "This initiative implements Azure Monitor Baseline Alerts to monitor alterations in Network Routing and Security, such as modifications to Route Tables and the removal of Network Security Groups." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "activityUDRUpdateAlertState": "true", - "activityNSGDeletePolicyEffect": "deployIfNotExists", - "ALZMonitorResourceGroupLocation": "eastus", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "activityNSGDeleteAlertState": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "activityUDRUpdatePolicyEffect": "deployIfNotExists", - "ALZMonitorDisableTagName": "MonitorDisable" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-recoveryservices-policySet.jsonc b/Definitions/policyAssignments/alerting-recoveryservices-policySet.jsonc deleted file mode 100644 index 434cd421..00000000 --- a/Definitions/policyAssignments/alerting-recoveryservices-policySet.jsonc +++ /dev/null @@ -1,37 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-RecoveryServices", - "displayName": "Deploy Azure Monitor Baseline Alerts for Recovery Services", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-RecoverySvc", - "displayName": "Deploy Azure Monitor Baseline Alerts for Recovery Services", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Recovery Services such as Azure Backup, and Azure Site Recovery." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "RVBackupHealthMonitorPolicyEffect": "modify", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "ALZMonitorDisableTagName": "MonitorDisable" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-servicehealth-policySet.jsonc b/Definitions/policyAssignments/alerting-servicehealth-policySet.jsonc deleted file mode 100644 index 4c75a741..00000000 --- a/Definitions/policyAssignments/alerting-servicehealth-policySet.jsonc +++ /dev/null @@ -1,61 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-ServiceHealth", - "displayName": "Deploy Azure Monitor Baseline Alerts for Service Health", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-SvcHealth", - "displayName": "Deploy Azure Monitor Baseline Alerts for Service Health", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Service Health Events such as Service issues, Planned maintenance, Health advisories, Security advisories, and Resource health." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "BYOAlertProcessingRule": "", - "ALZLogicappResourceId": "", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "ALZFunctionResourceId": "", - "ALZMonitorResourceGroupLocation": "eastus", - "ALZWebhookServiceUri": [], - "serviceHealthIncidentPolicyEffect": "deployIfNotExists", - "ALZArmRoleId": [], - "svcHlthSecAdvisoryAlertState": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "SvcHlthIncidentAlertState": "true", - "serviceHealthAdvisoryPolicyEffect": "deployIfNotExists", - "ALZFunctionTriggerUrl": "", - "SvcHlthAdvisoryAlertState": "true", - "serviceHealthMaintenancePolicyEffect": "deployIfNotExists", - "ALZMonitorDisableTagName": "MonitorDisable", - "ALZMonitorActionGroupEmail": [], - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "ResHlthUnhealthyAlertState": "true", - "ALZLogicappCallbackUrl": "", - "ResHlthUnhealthyPolicyEffect": "deployIfNotExists", - "ALZEventHubResourceId": [], - "SvcHlthMaintenanceAlertState": "true", - "serviceHealthSecurityPolicyEffect": "deployIfNotExists", - "BYOActionGroup": [] - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-storage-policySet.jsonc b/Definitions/policyAssignments/alerting-storage-policySet.jsonc deleted file mode 100644 index fa14f37a..00000000 --- a/Definitions/policyAssignments/alerting-storage-policySet.jsonc +++ /dev/null @@ -1,49 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-Storage", - "displayName": "Deploy Azure Monitor Baseline Alerts for Storage", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-Storage", - "displayName": "Deploy Azure Monitor Baseline Alerts for Storage", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Storage Services such as Storage accounts." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "StorageAccountAvailabilityThreshold": "90", - "StorageAccountAvailabilityFrequency": "PT5M", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "StorageAccountDeleteAlertState": "true", - "StorageAccountAvailabilityAlertSeverity": "1", - "StorageAccountAvailabilityPolicyEffect": "deployIfNotExists", - "StorageAccountAvailabilityWindowSize": "PT5M", - "ALZMonitorDisableTagName": "MonitorDisable", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "StorageAccountDeletePolicyEffect": "deployIfNotExists", - "ALZMonitorResourceGroupLocation": "eastus", - "StorageAccountAvailabilityAlertState": "true" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-vm-policySet.jsonc b/Definitions/policyAssignments/alerting-vm-policySet.jsonc deleted file mode 100644 index 59b4b93b..00000000 --- a/Definitions/policyAssignments/alerting-vm-policySet.jsonc +++ /dev/null @@ -1,208 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-VM", - "displayName": "Deploy Azure Monitor Baseline Alerts for Virtual Machines", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-VM", - "displayName": "Deploy Azure Monitor Baseline Alerts for Virtual Machines", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Azure Virtual Machines." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "VMDataDiskReadLatencyTimeAggregation": "Count", - "VMOSDiskSpaceTimeAggregation": "Count", - "VMPercentMemoryAutoResolveTime": "00:10:00", - "ALZMonitorResourceGroupLocation": "eastus", - "VMPercentMemoryWindowSize": "PT15M", - "VMDataDiskReadLatencyComputersToInclude": [ - "*" - ], - "VMDataDiskWriteLatencyEvaluationPeriods": "1", - "VMOSDiskWriteLatencyAutoResolve": "true", - "VMNetworkOutAlertState": "true", - "VMDataDiskSpaceThreshold": "10", - "VMPercentMemoryThreshold": "10", - "VMNetworkInAutoResolve": "true", - "VMDataDiskSpaceFailingPeriods": "1", - "VMOSDiskSpaceAutoResolveTime": "00:10:00", - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "VMNetworkOutFailingPeriods": "1", - "VMHeartBeatRGTimeAggregation": "Count", - "VMPercentCPUFailingPeriods": "1", - "VMDataDiskSpaceWindowSize": "PT15M", - "VMNetworkInComputersToInclude": [ - "*" - ], - "VMPercentCPUEvaluationFrequency": "PT5M", - "VMOSDiskWriteLatencyAlertSeverity": "2", - "VMOSDiskWriteLatencyEvaluationFrequency": "PT5M", - "VMNetworkOutEvaluationPeriods": "1", - "VMHeartBeatRGEvaluationFrequency": "PT5M", - "VMPercentMemoryAlertSeverity": "2", - "VMDataDiskReadLatencyAutoMitigate": "true", - "ALZManagementSubscriptionId": "8da8d616-a90e-446a-9098-ad7381ce56a7", - "VMOSDiskSpaceEvaluationPeriods": "1", - "VMHeartBeatRGAlertSeverity": "1", - "VMOSDiskReadLatencyEvaluationPeriods": "1", - "VMNetworkInThreshold": "10000000", - "VMOSDiskSpaceAlertState": "true", - "VMPercentCPUAutoResolveTime": "00:10:00", - "VMPercentMemoryOperator": "GreaterThan", - "VMNetworkOutPolicyEffect": "deployIfNotExists", - "VMOSDiskWriteLatencyTimeAggregation": "Count", - "VMNetworkOutThreshold": "10000000", - "VMDataDiskWriteLatencyEvaluationFrequency": "PT5M", - "VMDataDiskWriteLatencyComputersToInclude": [ - "*" - ], - "VMOSDiskSpacePolicyEffect": "deployIfNotExists", - "VMDataDiskWriteLatencyOperator": "GreaterThan", - "VMOSDiskWriteLatencyWindowSize": "PT15M", - "VMNetworkInFailingPeriods": "1", - "VMDataDiskWriteLatencyTimeAggregation": "Count", - "VMPercentCPUAlertSeverity": "2", - "VMNetworkOutAutoResolve": "true", - "VMOSDiskReadLatencyAutoMitigate": "true", - "VMOSDiskWriteLatencyAutoResolveTime": "00:10:00", - "VMOSDiskWriteLatencyComputersToInclude": [ - "*" - ], - "VMOSDiskWriteLatencyEvaluationPeriods": "1", - "VMHeartBeatRGAlertState": "true", - "VMDataDiskReadLatencyOperator": "GreaterThan", - "VMDataDiskReadLatencyAlertState": "true", - "VMDataDiskWriteLatencyAutoMitigate": "true", - "VMOSDiskSpaceAlertSeverity": "2", - "VMDataDiskSpaceTimeAggregation": "Count", - "VMOSDiskReadLatencyFailingPeriods": "1", - "VMPercentMemoryTimeAggregation": "Count", - "VMDataDiskWriteLatencyFailingPeriods": "1", - "VMNetworkOutAutoMitigate": "true", - "VMNetworkOutWindowSize": "PT15M", - "VMOSDiskSpaceEvaluationFrequency": "PT5M", - "VMDataDiskSpaceEvaluationPeriods": "1", - "VMDataDiskWriteLatencyAlertSeverity": "2", - "VMHeartBeatRGAutoMitigate": "true", - "VMHeartBeatRGAutoResolve": "true", - "VMNetworkInEvaluationPeriods": "1", - "VMPercentMemoryAutoMitigate": "true", - "VMOSDiskSpaceOperator": "GreaterThan", - "VMNetworkInPolicyEffect": "deployIfNotExists", - "VMOSDiskWriteLatencyAutoMitigate": "true", - "VMNetworkInAutoMitigate": "true", - "VMPercentMemoryEvaluationFrequency": "PT5M", - "VMOSDiskReadLatencyAutoResolve": "true", - "VMNetworkInEvaluationFrequency": "PT5M", - "VMOSDiskWriteLatencyPolicyEffect": "deployIfNotExists", - "VMPercentMemoryFailingPeriods": "1", - "VMDataDiskReadLatencyThreshold": "30", - "ALZUserAssignedManagedIdentityName": "id-amba-prod-001", - "VMPercentCPUAutoResolve": "true", - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "VMOSDiskSpaceWindowSize": "PT15M", - "VMOSDiskSpaceAutoResolve": "true", - "VMPercentMemoryAutoResolve": "true", - "VMOSDiskSpaceAutoMitigate": "true", - "VMDataDiskSpaceAlertSeverity": "2", - "VMNetworkInAlertSeverity": "2", - "VMHeartBeatRGPolicyEffect": "deployIfNotExists", - "VMOSDiskWriteLatencyFailingPeriods": "1", - "VMPercentCPUAutoMitigate": "true", - "VMDataDiskReadLatencyAutoResolve": "true", - "VMDataDiskSpaceOperator": "GreaterThan", - "VMOSDiskReadLatencyWindowSize": "PT15M", - "VMPercentCPUPolicyEffect": "deployIfNotExists", - "VMOSDiskSpaceComputersToInclude": [ - "*" - ], - "VMDataDiskWriteLatencyAlertState": "true", - "VMOSDiskWriteLatencyAlertState": "true", - "BYOUserAssignedManagedIdentityResourceId": "", - "VMOSDiskReadLatencyOperator": "GreaterThan", - "VMHeartBeatRGComputersToInclude": [ - "*" - ], - "VMPercentCPUWindowSize": "PT15M", - "VMOSDiskSpaceThreshold": "10", - "VMNetworkOutOperator": "GreaterThan", - "VMNetworkInAlertState": "true", - "VMOSDiskReadLatencyPolicyEffect": "deployIfNotExists", - "VMDataDiskSpaceEvaluationFrequency": "PT5M", - "VMNetworkInWindowSize": "PT15M", - "VMDataDiskWriteLatencyWindowSize": "PT15M", - "VMOSDiskReadLatencyAutoResolveTime": "00:10:00", - "VMOSDiskWriteLatencyThreshold": "30", - "VMNetworkOutTimeAggregation": "Count", - "VMNetworkInTimeAggregation": "Count", - "VMHeartBeatRGFailingPeriods": "1", - "VMDataDiskReadLatencyEvaluationPeriods": "1", - "VMDataDiskReadLatencyEvaluationFrequency": "PT5M", - "VMPercentMemoryPolicyEffect": "deployIfNotExists", - "VMNetworkOutComputersToInclude": [ - "*" - ], - "VMDataDiskWriteLatencyAutoResolveTime": "00:10:00", - "VMDataDiskSpaceAlertState": "true", - "VMDataDiskSpaceAutoMitigate": "true", - "VMDataDiskReadLatencyAutoResolveTime": "00:10:00", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "VMDataDiskReadLatencyPolicyEffect": "deployIfNotExists", - "VMPercentCPUOperator": "GreaterThan", - "VMDataDiskReadLatencyWindowSize": "PT15M", - "ALZMonitorDisableTagName": "MonitorDisable", - "VMPercentCPUAlertState": "true", - "VMOSDiskReadLatencyAlertState": "true", - "VMOSDiskReadLatencyThreshold": "30", - "VMHeartBeatRGAutoResolveTime": "00:10:00", - "VMHeartBeatRGOperator": "GreaterThan", - "VMDataDiskSpaceAutoResolveTime": "00:10:00", - "VMNetworkOutAutoResolveTime": "00:10:00", - "VMDataDiskReadLatencyFailingPeriods": "1", - "VMHeartBeatRGWindowSize": "PT6H", - "VMDataDiskSpacePolicyEffect": "deployIfNotExists", - "VMOSDiskReadLatencyComputersToInclude": [ - "*" - ], - "VMNetworkOutEvaluationFrequency": "PT5M", - "VMNetworkInAutoResolveTime": "00:10:00", - "VMPercentCPUTimeAggregation": "Count", - "VMPercentMemoryAlertState": "true", - "VMOSDiskReadLatencyAlertSeverity": "2", - "VMOSDiskReadLatencyEvaluationFrequency": "PT5M", - "VMNetworkInOperator": "GreaterThan", - "VMDataDiskWriteLatencyPolicyEffect": "deployIfNotExists", - "VMDataDiskReadLatencyAlertSeverity": "2", - "VMPercentCPUThreshold": "85", - "VMHeartBeatRGThreshold": "10", - "VMOSDiskWriteLatencyOperator": "GreaterThan", - "VMNetworkOutAlertSeverity": "2", - "VMDataDiskWriteLatencyThreshold": "30", - "VMOSDiskReadLatencyTimeAggregation": "Count", - "VMDataDiskWriteLatencyAutoResolve": "true", - "VMDataDiskSpaceAutoResolve": "true", - "VMOSDiskSpaceFailingPeriods": "1" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/alerting-web-policySet.jsonc b/Definitions/policyAssignments/alerting-web-policySet.jsonc deleted file mode 100644 index f73560a8..00000000 --- a/Definitions/policyAssignments/alerting-web-policySet.jsonc +++ /dev/null @@ -1,58 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Alerting-Web", - "displayName": "Deploy Azure Monitor Baseline Alerts for Web", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Alerting must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-Web", - "displayName": "Deploy Azure Monitor Baseline Alerts for Web", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Web Services such as App Services." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "WSFDiskQueueLengthAlertSeverity": "2", - "WSFCPUPercentageWindowSize": "PT5M", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "WSFHttpQueueLengthPolicyEffect": "deployIfNotExists", - "WSFCPUPercentageAlertSeverity": "2", - "WSFCPUPercentageEvaluationFrequency": "PT1M", - "WSFMemoryPercentageWindowSize": "PT5M", - "WSFDiskQueueLengthPolicyEffect": "deployIfNotExists", - "WSFHttpQueueLengthAlertState": "true", - "WSFMemoryPercentageEvaluationFrequency": "PT1M", - "WSFCPUPercentageAlertState": "true", - "WSFMemoryPercentageAlertSeverity": "2", - "ALZMonitorDisableTagName": "MonitorDisable", - "WSFDiskQueueLengthEvaluationFrequency": "PT1M", - "WSFHttpQueueLengthEvaluationFrequency": "PT1M", - "WSFDiskQueueLengthWindowSize": "PT5M", - "WSFCPUPercentagePolicyEffect": "deployIfNotExists", - "WSFMemoryPercentageAlertState": "true", - "WSFHttpQueueLengthWindowSize": "PT5M", - "WSFDiskQueueLengthAlertState": "true", - "WSFCPUPercentageThreshold": "90", - "WSFMemoryPercentagePolicyEffect": "deployIfNotExists", - "WSFMemoryPercentageThreshold": "85", - "WSFHttpQueueLengthAlertSeverity": "2" - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba-landingzones" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyAssignments/notification-assets-policySet.jsonc b/Definitions/policyAssignments/notification-assets-policySet.jsonc deleted file mode 100644 index f58b338a..00000000 --- a/Definitions/policyAssignments/notification-assets-policySet.jsonc +++ /dev/null @@ -1,51 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-assignment-schema.json", - "nodeName": "/root", - "definitionEntry": { - "policySetName": "Notification-Assets", - "displayName": "Deploy Azure Monitor Baseline Alerts - Notification Assets", - "nonComplianceMessages": [ - { - "policyDefinitionReferenceId": null, - "message": "Notification Assets must be deployed to Azure services." - } - ] - }, - "assignment": { - "name": "Deploy-AMBA-Notification", - "displayName": "Deploy Azure Monitor Baseline Alerts - Notification Assets", - "description": "This initiative deploys Notification Assets for Azure Monitor Baseline Alerts. This includes the setup of an Alert Processing Rule and an Action Group to manage notifications and actions, along with a Notification Suppression Rule to manage alert notifications, as well as a Notification Suppression Rule to control alert notifications." - }, - "metadata": { - "_deployed_by_amba": true - }, - "parameters": { - "BYOAlertProcessingRule": "", - "ALZLogicappResourceId": "", - "ALZMonitorDisableTagValues": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "ALZFunctionResourceId": "", - "ALZMonitorResourceGroupLocation": "eastus", - "ALZWebhookServiceUri": [], - "ALZArmRoleId": [], - "ALZMonitorResourceGroupTags": { - "Project": "amba-monitoring" - }, - "ALZFunctionTriggerUrl": "", - "ALZMonitorDisableTagName": "MonitorDisable", - "ALZMonitorActionGroupEmail": [], - "ALZMonitorResourceGroupName": "rg-amba-monitoring-001", - "ALZLogicappCallbackUrl": "", - "ALZEventHubResourceId": [], - "BYOActionGroup": [] - }, - "scope": { - "amba": [ - "/providers/Microsoft.Management/managementGroups/amba" - ] - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Automation/deploy_aa_totaljob_alert.jsonc b/Definitions/policyDefinitions/Automation/deploy_aa_totaljob_alert.jsonc deleted file mode 100644 index 1dc4ecef..00000000 --- a/Definitions/policyDefinitions/Automation/deploy_aa_totaljob_alert.jsonc +++ /dev/null @@ -1,339 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AA_TotalJob_Alert", - "properties": { - "displayName": "Deploy Automation Account TotalJob Alert", - "description": "Policy to audit/deploy Automation Account TotalJob Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Automation", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Automation/automationAccounts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Automation/automationAccounts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TotalJob", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Automation/automationAccounts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-TotalJob-threshold-Override_'), field('tags._amba-TotalJob-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-TotalJob-threshold-Override_'), field('tags._amba-TotalJob-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Automation Account TotalJob Alert", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TotalJob", - "metricNamespace": "Microsoft.Automation/automationAccounts", - "criterionType": "StaticThresholdCriterion", - "metricName": "TotalJob", - "dimensions": [ - { - "operator": "Exclude", - "name": "Status", - "values": [ - "Completed" - ] - } - ] - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TotalJob')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_cpu_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_cpu_alert.jsonc deleted file mode 100644 index 7e4cc1ef..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_cpu_alert.jsonc +++ /dev/null @@ -1,587 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_CPU_Alert", - "properties": { - "displayName": "Deploy VM CPU Alert", - "description": "Policy to audit/deploy VM CPU Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "85", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighCPUAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-UtilizationPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Processor\" and Name == \"UtilizationPercentage\" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-UtilizationPercentage-threshold-Override_\", tostring(tags.[\"_amba-UtilizationPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine CPU", - "displayName": "[concat(subscription().displayName, '-VMHighCPUAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-UtilizationPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Processor\" and Name == \"UtilizationPercentage\" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-UtilizationPercentage-threshold-Override_\", tostring(tags.[\"_amba-UtilizationPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighCPUAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMCPUAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_datadiskreadlatency_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_datadiskreadlatency_alert.jsonc deleted file mode 100644 index 85943edd..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_datadiskreadlatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_dataDiskReadLatency_Alert", - "properties": { - "displayName": "Deploy VM Data Disk Read Latency Alert", - "description": "Policy to audit/deploy VM dataDiskReadLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighDataDiskReadLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine dataDiskReadLatency", - "displayName": "[concat(subscription().displayName, '-VMHighDataDiskReadLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighDataDiskReadLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMdataDiskReadLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_datadiskspace_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_datadiskspace_alert.jsonc deleted file mode 100644 index ef80ec34..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_datadiskspace_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_dataDiskSpace_Alert", - "properties": { - "displayName": "Deploy VM Data Disk Space Alert", - "description": "Policy to audit/deploy VM data Disk Space Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMLowDataDiskSpaceAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine dataDiskSpace", - "displayName": "[concat(subscription().displayName, '-VMLowDataDiskSpaceAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMLowDataDiskSpaceAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMdataDiskSpaceAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_datadiskwritelatency_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_datadiskwritelatency_alert.jsonc deleted file mode 100644 index 94724706..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_datadiskwritelatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_dataDiskWriteLatency_Alert", - "properties": { - "displayName": "Deploy VM Data Disk Write Latency Alert", - "description": "Policy to audit/deploy VM dataDiskWriteLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighDataDiskWriteLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine dataDiskWriteLatency", - "displayName": "[concat(subscription().displayName, '-VMHighDataDiskWriteLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighDataDiskWriteLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMdataDiskWriteLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_heartbeat_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_heartbeat_alert.jsonc deleted file mode 100644 index 508464b3..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_heartbeat_alert.jsonc +++ /dev/null @@ -1,604 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_HeartBeat_Alert", - "properties": { - "displayName": "Deploy VM HeartBeat Alert", - "description": "Policy to audit/deploy VM HeartBeat Alert for all VMs in the subscription", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT6H", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHeartBeatAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-Heartbeat-threshold-Override_\"); Heartbeat | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff(\"minute\",now(),TimeGenerated) | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-Heartbeat-threshold-Override_\", tostring(tags.[\"_amba-Heartbeat-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where Duration > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Duration', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine Heartbeat", - "displayName": "[concat(subscription().displayName, '-VMHeartBeatAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-Heartbeat-threshold-Override_\"); Heartbeat | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff(\"minute\",now(),TimeGenerated) | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-Heartbeat-threshold-Override_\", tostring(tags.[\"_amba-Heartbeat-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where Duration > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Duration', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHeartBeatAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HeartBeatAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_memory_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_memory_alert.jsonc deleted file mode 100644 index a87b3c09..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_memory_alert.jsonc +++ /dev/null @@ -1,587 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_Memory_Alert", - "properties": { - "displayName": "Deploy VM Memory Alert", - "description": "Policy to audit/deploy VM Memory Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMLowMemoryAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Memory\" and Name == \"AvailableMB\" | extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\", tostring(tags.[\"_amba-AvailableMemoryPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine Memory", - "displayName": "[concat(subscription().displayName, '-VMLowMemoryAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Memory\" and Name == \"AvailableMB\" | extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\", tostring(tags.[\"_amba-AvailableMemoryPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMLowMemoryAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMMemoryAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_networkin_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_networkin_alert.jsonc deleted file mode 100644 index ef938ac0..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_networkin_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_NetworkIn_Alert", - "properties": { - "displayName": "Deploy VM Network Read Alert", - "description": "Policy to audit/deploy VM Network Read Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighNetworkInAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine NetworkIn", - "displayName": "[concat(subscription().displayName, '-VMHighNetworkInAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "NetworkInterface", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighNetworkInAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMNetworkInAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_networkout_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_networkout_alert.jsonc deleted file mode 100644 index 04cefdee..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_networkout_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_NetworkOut_Alert", - "properties": { - "displayName": "Deploy VM Network Write Alert", - "description": "Policy to audit/deploy VM Network Out Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine NetworkOut", - "displayName": "[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "NetworkInterface", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighNetworkOutAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMNetworkOutAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_osdiskreadlatency_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_osdiskreadlatency_alert.jsonc deleted file mode 100644 index 3b10cbb7..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_osdiskreadlatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_OSDiskreadLatency_Alert", - "properties": { - "displayName": "Deploy VM OS Disk Read Latency Alert", - "description": "Policy to audit/deploy VM OSDiskreadLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighOSDiskReadLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine OSDiskreadLatency", - "displayName": "[concat(subscription().displayName, '-VMHighOSDiskReadLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighOSDiskReadLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMOSDiskreadLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_osdiskspace_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_osdiskspace_alert.jsonc deleted file mode 100644 index ce1461e3..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_osdiskspace_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_OSDiskSpace_Alert", - "properties": { - "displayName": "Deploy VM OS Disk Space Alert", - "description": "Policy to audit/deploy VM OSDiskSpace Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine OSDiskSpace", - "displayName": "[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMLowOSDiskSpaceAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMOSDiskSpaceAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Compute/deploy_vm_osdiskwritelatency_alert.jsonc b/Definitions/policyDefinitions/Compute/deploy_vm_osdiskwritelatency_alert.jsonc deleted file mode 100644 index 88c1189f..00000000 --- a/Definitions/policyDefinitions/Compute/deploy_vm_osdiskwritelatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VM_OSDiskwriteLatency_Alert", - "properties": { - "displayName": "Deploy VM OS Disk Write Latency Alert", - "description": "Policy to audit/deploy VM OSDiskwriteLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.1", - "category": "Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Compute/virtualMachines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-VMHighOSDiskWriteLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine OSDiskwriteLatency", - "displayName": "[concat(subscription().displayName, '-VMHighOSDiskWriteLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let excludedVMSSNodes = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | extend isVMSS = isnotempty(properties.virtualMachineScaleSet) | where isVMSS | project id, name); let overridenResource = (arg(\"\").resources | where type =~ \"Microsoft.Compute/virtualMachines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.Compute/virtualMachines\" | where _ResourceId !in~ (excludedResources) | where _ResourceId !in~ (excludedVMSSNodes) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.Compute/virtualMachines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-VMHighOSDiskWriteLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "VMOSDiskwriteLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_cpu_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_cpu_alert.jsonc deleted file mode 100644 index 3e7b90ed..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_cpu_alert.jsonc +++ /dev/null @@ -1,587 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_CPU_Alert", - "properties": { - "displayName": "Deploy Hybrid VM CPU Alert", - "description": "Policy to audit/deploy VM CPU Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "85", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighCPUAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-UtilizationPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Processor\" and Name == \"UtilizationPercentage\" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-UtilizationPercentage-threshold-Override_\", tostring(tags.[\"_amba-UtilizationPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine CPU", - "displayName": "[concat(subscription().displayName, '-HybridVMHighCPUAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-UtilizationPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Processor\" and Name == \"UtilizationPercentage\" | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-UtilizationPercentage-threshold-Override_\", tostring(tags.[\"_amba-UtilizationPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighCPUAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMCPUAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskreadlatency_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskreadlatency_alert.jsonc deleted file mode 100644 index 3c3ee4b6..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskreadlatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_dataDiskReadLatency_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Data Disk Read Latency Alert", - "description": "Policy to audit/deploy VM dataDiskReadLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighDataDiskReadLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine dataDiskReadLatency", - "displayName": "[concat(subscription().displayName, '-HybridVMHighDataDiskReadLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\", \"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighDataDiskReadLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMdataDiskReadLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskspace_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskspace_alert.jsonc deleted file mode 100644 index 4b3a5b72..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskspace_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_dataDiskSpace_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Data Disk Space Alert", - "description": "Policy to audit/deploy VM data Disk Space Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMLowDataDiskSpaceAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine dataDiskSpace", - "displayName": "[concat(subscription().displayName, '-HybridVMLowDataDiskSpaceAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-Data-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMLowDataDiskSpaceAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMdataDiskSpaceAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskwritelatency_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskwritelatency_alert.jsonc deleted file mode 100644 index ad77740a..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_datadiskwritelatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_dataDiskWriteLatency_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Data Disk Write Latency Alert", - "description": "Policy to audit/deploy VM dataDiskWriteLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighDataDiskWriteLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine dataDiskWriteLatency", - "displayName": "[concat(subscription().displayName, '-HybridVMHighDataDiskWriteLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk !in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighDataDiskWriteLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMdataDiskWriteLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_disconnected_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_disconnected_alert.jsonc deleted file mode 100644 index 3a6a7c00..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_disconnected_alert.jsonc +++ /dev/null @@ -1,560 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_Disconnected_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Disconnected Alert", - "description": "Policy to Deploy Hybrid VM Disconnected Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT10M", - "PT15M", - "PT30M", - "PT1H", - "PT2H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT10M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT12H", - "P1D" - ], - "defaultValue": "P1D", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "allowedValues": [ - "5m", - "10m", - "15m", - "30m", - "1h", - "2h", - "3h", - "6h", - "12h", - "1d", - "2d", - "3d", - "7d" - ], - "defaultValue": "10m", - "metadata": { - "description": "Threshold in timespan value for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Threshold (expressed in timespan)" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMDisconnectedAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | where parse_json(tostring(tags.{0})) !in~ (\"{1}\") | where tostring(properties.status) == \"Disconnected\" | extend lastContactedDate = todatetime(properties.lastStatusChange) | where lastContactedDate <= ago(totimespan(policyThresholdString)) | extend status = tostring(properties.status) | project id, Computer=name, status, lastContactedDate', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Hybrid VM in disconnected state. Not being connected, prevents extensions to be correctly managed from the portal and Azure policies to be correctly applied. Ensure that both server the specific service (Azure Hybrid Instance Metadata Service on Windows or azcmagent on Linux) are running.", - "displayName": "[concat(subscription().displayName, '-HybridVMDisconnectedAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "id", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | where parse_json(tostring(tags.{0})) !in~ (\"{1}\") | where tostring(properties.status) == \"Disconnected\" | extend lastContactedDate = todatetime(properties.lastStatusChange) | where lastContactedDate <= ago(totimespan(policyThresholdString)) | extend status = tostring(properties.status) | project id, Computer=name, status, lastContactedDate', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMDisconnectedAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMDisconnectedAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_heartbeat_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_heartbeat_alert.jsonc deleted file mode 100644 index 0449011c..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_heartbeat_alert.jsonc +++ /dev/null @@ -1,604 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_HeartBeat_Alert", - "properties": { - "displayName": "Deploy Hybrid VM HeartBeat Alert", - "description": "Policy to audit/deploy VM HeartBeat Alert for all VMs in the subscription", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT6H", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHeartBeatAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-Heartbeat-threshold-Override_\"); Heartbeat | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff(\"minute\",now(),TimeGenerated) | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-Heartbeat-threshold-Override_\", tostring(tags.[\"_amba-Heartbeat-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where Duration > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Duration', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine Heartbeat", - "displayName": "[concat(subscription().displayName, '-HybridVMHeartBeatAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-Heartbeat-threshold-Override_\"); Heartbeat | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | summarize TimeGenerated=max(TimeGenerated) by Computer, _ResourceId | extend Duration = datetime_diff(\"minute\",now(),TimeGenerated) | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-Heartbeat-threshold-Override_\", tostring(tags.[\"_amba-Heartbeat-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where Duration > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Duration', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHeartBeatAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMHeartBeatAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_memory_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_memory_alert.jsonc deleted file mode 100644 index 44774ff7..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_memory_alert.jsonc +++ /dev/null @@ -1,587 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_Memory_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Memory Alert", - "description": "Policy to audit/deploy VM Memory Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMLowMemoryAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Memory\" and Name == \"AvailableMB\" | extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\", tostring(tags.[\"_amba-AvailableMemoryPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine Memory", - "displayName": "[concat(subscription().displayName, '-HybridVMLowMemoryAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Memory\" and Name == \"AvailableMB\" | extend TotalMemory = toreal(todynamic(Tags)[\"vm.azm.ms/memorySizeMB\"]) | extend AvailableMemoryPercentage = (toreal(Val) / TotalMemory) * 100.0 | summarize AggregatedValue = avg(AvailableMemoryPercentage) by bin(TimeGenerated, 15m), Computer, _ResourceId | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-AvailableMemoryPercentage-threshold-Override_\", tostring(tags.[\"_amba-AvailableMemoryPercentage-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMLowMemoryAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMMemoryAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_networkin_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_networkin_alert.jsonc deleted file mode 100644 index 36d1b3dc..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_networkin_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_NetworkIn_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Network Read Alert", - "description": "Policy to audit/deploy VM Nework Read Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighNetworkInAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine NetworkIn", - "displayName": "[concat(subscription().displayName, '-HybridVMHighNetworkInAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "NetworkInterface", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"ReadBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-ReadBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighNetworkInAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMVMNetworkInAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_networkout_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_networkout_alert.jsonc deleted file mode 100644 index 14715756..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_networkout_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_NetworkOut_Alert", - "properties": { - "displayName": "Deploy Hybrid VM Network Write Alert", - "description": "Policy to audit/deploy VM Network Out Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighNetworkOutAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine NetworkOut", - "displayName": "[concat(subscription().displayName, '-HybridVMHighNetworkOutAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "NetworkInterface", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"Network\" and Name == \"WriteBytesPerSecond\" | extend NetworkInterface=tostring(todynamic(Tags)[\"vm.azm.ms/networkDeviceId\"]) | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, NetworkInterface | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteBytesPerSecond-Data-threshold-Override_\", tostring(tags.[\"_amba-WriteBytesPerSecond-Data-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, NetworkInterface, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighNetworkOutAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMVMNetworkOutAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskreadlatency_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskreadlatency_alert.jsonc deleted file mode 100644 index d1b6a94b..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskreadlatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_OSDiskreadLatency_Alert", - "properties": { - "displayName": "Deploy Hybrid VM OS Disk Read Latency Alert", - "description": "Policy to audit/deploy VM OSDiskreadLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighOSDiskReadLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine OSDiskreadLatency", - "displayName": "[concat(subscription().displayName, '-HybridVMHighOSDiskReadLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"ReadLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-ReadLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-ReadLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighOSDiskReadLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMOSDiskreadLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskspace_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskspace_alert.jsonc deleted file mode 100644 index dfee4779..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskspace_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_OSDiskSpace_Alert", - "properties": { - "displayName": "Deploy Hybrid VM OS Disk Space Alert", - "description": "Policy to audit/deploy VM OSDiskSpace Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMLowOSDiskSpaceAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine OSDiskSpace", - "displayName": "[concat(subscription().displayName, '-HybridVMLowOSDiskSpaceAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"FreeSpacePercentage\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-FreeSpacePercentage-OS-threshold-Override_\", tostring(tags.[\"_amba-FreeSpacePercentage-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue < appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMLowOSDiskSpaceAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMOSDiskSpaceAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskwritelatency_alert.jsonc b/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskwritelatency_alert.jsonc deleted file mode 100644 index d58963d3..00000000 --- a/Definitions/policyDefinitions/Hybrid Compute/deploy_hybrid_vm_osdiskwritelatency_alert.jsonc +++ /dev/null @@ -1,611 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Hybrid_VM_OSDiskwriteLatency_Alert", - "properties": { - "displayName": "Deploy Hybrid VM OS Disk Write Latency Alert", - "description": "Policy to audit/deploy VM OSDiskwriteLatency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Hybrid Compute", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "PT24H" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - }, - "autoResolveTime": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve time for the alert in ISO 8601 format", - "displayName": "Auto Resolve" - }, - "type": "String" - }, - "computersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Array of Computer to be monitored", - "displayName": "Computers to be included to be monitored" - }, - "type": "array" - }, - "autoResolve": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Auto Resolve" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.HybridCompute/machines", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().displayName, '-HybridVMHighOSDiskWriteLatencyAlert')]", - "field": "Microsoft.Insights/scheduledQueryRules/displayName" - }, - { - "equals": "[subscription().id]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "template": { - "parameters": { - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "alertResourceGroupLocation": { - "type": "string" - }, - "autoMitigate": { - "type": "String" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "autoResolveTime": { - "type": "String" - }, - "computersToInclude": { - "type": "array" - }, - "autoResolve": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "UAMIResourceId": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Virtual Machine OSDiskwriteLatency", - "displayName": "[concat(subscription().displayName, '-HybridVMHighOSDiskWriteLatencyAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "autoResolveTime": { - "value": "[parameters('autoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('computersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('autoResolve')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": 0, - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "_ResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "Computer", - "values": "[parameters('computersToInclude')]" - }, - { - "operator": "Include", - "name": "Disk", - "values": [ - "*" - ] - } - ], - "query": "[format('let policyThresholdString = \"{2}\"; let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.HybridCompute/machines\" | project _ResourceId = id, tags | where parse_json(tostring(tags.{0})) in~ (\"{1}\")); let overridenResource = (arg(\"\").resources | where type == \"microsoft.hybridcompute/machines\" | project _ResourceId = tolower(id), tags | where tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\"); InsightsMetrics | where _ResourceId has \"Microsoft.HybridCompute/machines\" | where _ResourceId !in~ (excludedResources) | where Origin == \"vm.azm.ms\" | where Namespace == \"LogicalDisk\" and Name == \"WriteLatencyMs\" | extend Disk=tostring(todynamic(Tags)[\"vm.azm.ms/mountId\"]) | where Disk in (\"C:\",\"/\") | summarize AggregatedValue = avg(Val) by bin(TimeGenerated, 15m), Computer, _ResourceId, Disk | join hint.remote=left kind=leftouter overridenResource on _ResourceId | project-away _ResourceId1 | extend appliedThresholdString = iif(tags contains \"_amba-WriteLatencyMs-OS-threshold-Override_\", tostring(tags.[\"_amba-WriteLatencyMs-OS-threshold-Override_\"]), policyThresholdString) | extend appliedThreshold = toint(appliedThresholdString) | where AggregatedValue > appliedThreshold | project TimeGenerated, Computer, _ResourceId, Disk, AggregatedValue', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'), parameters('threshold'))]" - } - ] - }, - "scopes": [ - "[subscription().Id]" - ], - "ruleResolveConfiguration": { - "timeToResolve": "[parameters('autoResolveTime')]", - "autoResolved": "[parameters('autoResolve')]" - }, - "targetResourceTypes": [ - "Microsoft.HybridCompute/machines" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[concat(subscription().displayName, '-HybridVMHighOSDiskWriteLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "HybridVMOSDiskwriteLatencyAlert", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_activitylog_keyvault_delete.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_activitylog_keyvault_delete.jsonc deleted file mode 100644 index 8b0ea286..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_activitylog_keyvault_delete.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_KeyVault_Delete", - "properties": { - "displayName": "Deploy Activity Log Key Vault Delete Alert", - "description": "Policy to Deploy Activity Log Key Vault Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.KeyVault/vaults/delete", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityKeyVaultDelete", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log Key Vault Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.KeyVault/vaults/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityKeyVaultDelete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityKeyVaultDelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_activitylog_managedhsms_delete.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_activitylog_managedhsms_delete.jsonc deleted file mode 100644 index 62061a23..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_activitylog_managedhsms_delete.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ActivityLog_ManagedHSMs_Delete", - "properties": { - "displayName": "Deploy Activity Log Managed HSMs Delete Alert", - "description": "Policy to Deploy Activity Log Managed HSMs Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/managedHSMs", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.KeyVault/ManagedHSMs/delete", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityManagedHSMDelete", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log Managed HSM Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.KeyVault/managedHSMs/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityManagedHSMDelete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityManagedHSMDelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_availability_alert.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_keyvault_availability_alert.jsonc deleted file mode 100644 index 935025bf..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_availability_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_KeyVault_Availability_Alert", - "properties": { - "displayName": "Deploy Key Vault Availability Alert", - "description": "Policy to audit/deploy KeyVault Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "Availability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.keyvault/vaults/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for KeyVault Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "Availability", - "metricNamespace": "microsoft.keyvault/vaults", - "criterionType": "StaticThresholdCriterion", - "metricName": "Availability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-Availability')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_capacity_alert.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_keyvault_capacity_alert.jsonc deleted file mode 100644 index 2b54cd4f..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_capacity_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_KeyVault_Capacity_Alert", - "properties": { - "displayName": "Deploy Key Vault Capacity Alert", - "description": "Policy to audit/deploy KeyVault Capacity Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "75", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "SaturationShoebox", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.keyvault/vaults/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-SaturationShoebox-threshold-Override_'), field('tags._amba-SaturationShoebox-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-SaturationShoebox-threshold-Override_'), field('tags._amba-SaturationShoebox-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for KeyVault Capacity", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "SaturationShoebox", - "metricNamespace": "microsoft.keyvault/vaults", - "criterionType": "StaticThresholdCriterion", - "metricName": "SaturationShoebox" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-CapacityAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_latency_alert.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_keyvault_latency_alert.jsonc deleted file mode 100644 index caa32f9e..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_latency_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_KeyVault_Latency_Alert", - "properties": { - "displayName": "Deploy Key Vault Latency Alert", - "description": "Policy to audit/deploy KeyVault Latency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ServiceApiLatency", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.keyvault/vaults/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for KeyVault Latency", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiLatency", - "metricNamespace": "microsoft.keyvault/vaults", - "criterionType": "StaticThresholdCriterion", - "metricName": "ServiceApiLatency" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-LatencyAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_requests_alert.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_keyvault_requests_alert.jsonc deleted file mode 100644 index 3104c6b9..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_keyvault_requests_alert.jsonc +++ /dev/null @@ -1,325 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_KeyVault_Requests_Alert", - "properties": { - "displayName": "Deploy Key Vault Requests Alert", - "description": "Policy to audit/deploy KeyVault Requests Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.keyvault/vaults", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ServiceApiResult", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.keyvault/vaults/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": 4, - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": 4, - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for KeyVault Requests", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": 4, - "minFailingPeriodsToAlert": 4 - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiResult", - "metricNamespace": "microsoft.keyvault/vaults", - "criterionType": "DynamicThresholdCriterion", - "metricName": "ServiceApiResult", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-RequestsAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_managedhsms_availability_alert.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_managedhsms_availability_alert.jsonc deleted file mode 100644 index bd96c41b..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_managedhsms_availability_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ManagedHSMs_Availability_Alert", - "properties": { - "displayName": "Deploy Managed HSMs Availability Alert", - "description": "Policy to audit/deploy Managed HSMs Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/managedHSMs", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.KeyVault/ManagedHSMs", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "Availability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.keyvault/managedHSMs/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ManagedHSM Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "Availability", - "metricNamespace": "microsoft.keyvault/managedHSMs", - "criterionType": "StaticThresholdCriterion", - "metricName": "Availability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-Availability')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Key Vault/deploy_managedhsms_latency_alert.jsonc b/Definitions/policyDefinitions/Key Vault/deploy_managedhsms_latency_alert.jsonc deleted file mode 100644 index 7df14eb1..00000000 --- a/Definitions/policyDefinitions/Key Vault/deploy_managedhsms_latency_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ManagedHSMs_Latency_Alert", - "properties": { - "displayName": "Deploy Managed HSMs Latency Alert", - "description": "Policy to audit/deploy Managed HSMs Latency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Key Vault", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.keyvault/managedHSMs", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.KeyVault/managedHSMs", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ServiceApiLatency", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.keyvault/managedHSMs', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ServiceApiLatency-threshold-Override_'), field('tags._amba-ServiceApiLatency-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ManagedHSM Latency", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiLatency", - "metricNamespace": "Microsoft.KeyVault/managedHSMs", - "criterionType": "StaticThresholdCriterion", - "metricName": "ServiceApiLatency" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-LatencyAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_laworkspace_delete.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_laworkspace_delete.jsonc deleted file mode 100644 index f58bee3c..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_laworkspace_delete.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_LAWorkspace_Delete", - "properties": { - "displayName": "Deploy Activity Log LA Workspace Delete Alert", - "description": "Policy to Deploy Activity Log LA Workspace Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.OperationalInsights/workspaces", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.OperationalInsights/workspaces/delete", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityLAWorkspaceDelete", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log LA Workspace Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.OperationalInsights/workspaces/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityLAWorkspaceDelete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityLAWorkspaceDelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_laworkspace_keyregen.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_laworkspace_keyregen.jsonc deleted file mode 100644 index 5fe29024..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_laworkspace_keyregen.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_LAWorkspace_KeyRegen", - "properties": { - "displayName": "Deploy Activity Log LA Workspace Regenerate Key Alert", - "description": "Policy to Deploy Activity Log LA Workspace Regenerate Key Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.OperationalInsights/workspaces", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.OperationalInsights/workspaces/regeneratesharedkey/action", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityLAWorkspaceRegenKey", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log LA Workspace Regenerate Key", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.OperationalInsights/workspaces/regeneratesharedkey/action", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityLAWorkspaceRegenKey", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityLAWorkspaceRegenKey", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_resourcehealth_unhealthy_alert.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_resourcehealth_unhealthy_alert.jsonc deleted file mode 100644 index d170a035..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_resourcehealth_unhealthy_alert.jsonc +++ /dev/null @@ -1,418 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_ResourceHealth_Unhealthy_Alert", - "properties": { - "displayName": "Deploy Resource Health Unhealthy Alert", - "description": "Policy to Deploy Resource Health Unhealthy Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "anyOf": [ - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": true - }, - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "contains": "ag-AMBA-SH-" - } - ] - }, - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": false - }, - { - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", - "where": { - "anyOf": [ - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "in": "[parameters('BYOActionGroup')]" - } - ] - } - }, - "greaterOrEquals": 1 - } - ] - } - ] - }, - { - "equals": 1, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "ResourceHealth", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Resource Health Unhealthy Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ResourceHealth", - "field": "category" - }, - { - "anyOf": [ - { - "equals": "PlatformInitiated", - "field": "properties.cause" - }, - { - "equals": "UserInitiated", - "field": "properties.cause" - } - ] - }, - { - "anyOf": [ - { - "equals": "Degraded", - "field": "properties.currentHealthStatus" - }, - { - "equals": "Unavailable", - "field": "properties.currentHealthStatus" - } - ] - } - ] - }, - "actions": { - "actionGroups": [ - { - "actionGroupId": "[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]", - "webhookProperties": {} - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ResourceHealthUnhealthyAlert", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[empty(parameters('BYOActionGroup'))]" - }, - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Resource Health Unhealthy Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ResourceHealth", - "field": "category" - }, - { - "anyOf": [ - { - "equals": "PlatformInitiated", - "field": "properties.cause" - }, - { - "equals": "UserInitiated", - "field": "properties.cause" - } - ] - }, - { - "anyOf": [ - { - "equals": "Degraded", - "field": "properties.currentHealthStatus" - }, - { - "equals": "Unavailable", - "field": "properties.currentHealthStatus" - } - ] - } - ] - }, - "actions": { - "actionGroups": "[variables('varActionGroupIds')]" - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ResourceHealthUnhealthyAlert", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[not(empty(parameters('BYOActionGroup')))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ResourceHealtAlert", - "dependsOn": [ - "[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": { - "copy": [ - { - "name": "varActionGroupIds", - "mode": "serial", - "count": "[length(parameters('BYOActionGroup'))]", - "input": { - "actionGroupId": "[trim(parameters('BYOActionGroup')[copyIndex('varActionGroupIds')])]" - } - } - ] - }, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_healthadvisory.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_healthadvisory.jsonc deleted file mode 100644 index b972e378..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_healthadvisory.jsonc +++ /dev/null @@ -1,409 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_ServiceHealth_HealthAdvisory", - "properties": { - "displayName": "Deploy Service Health Advisory Alert", - "description": "Policy to Deploy Service Health Advisory Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "anyOf": [ - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": true - }, - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "contains": "ag-AMBA-SH-" - } - ] - }, - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": false - }, - { - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", - "where": { - "anyOf": [ - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "in": "[parameters('BYOActionGroup')]" - } - ] - } - }, - "greaterOrEquals": 1 - } - ] - } - ] - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "ServiceHealth", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "properties.incidentType", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "ActionRequired", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Advisory Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "ActionRequired", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": [ - { - "actionGroupId": "[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "Global", - "name": "ServiceHealthAdvisoryEvent", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[empty(parameters('BYOActionGroup'))]" - }, - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Advisory Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "ActionRequired", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": "[variables('varActionGroupIds')]" - } - }, - "apiVersion": "2020-10-01", - "location": "Global", - "name": "ServiceHealthAdvisoryEvent", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[not(empty(parameters('BYOActionGroup')))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ServiceHealthHealth", - "dependsOn": [ - "[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": { - "copy": [ - { - "name": "varActionGroupIds", - "mode": "serial", - "count": "[length(parameters('BYOActionGroup'))]", - "input": { - "actionGroupId": "[trim(parameters('BYOActionGroup')[copyIndex('varActionGroupIds')])]" - } - } - ] - }, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_incident.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_incident.jsonc deleted file mode 100644 index ffc2b907..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_incident.jsonc +++ /dev/null @@ -1,409 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_ServiceHealth_Incident", - "properties": { - "displayName": "Deploy Service Health Incident Alert", - "description": "Policy to Deploy Service Health Incident Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "anyOf": [ - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": true - }, - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "contains": "ag-AMBA-SH-" - } - ] - }, - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": false - }, - { - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", - "where": { - "anyOf": [ - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "in": "[parameters('BYOActionGroup')]" - } - ] - } - }, - "greaterOrEquals": 1 - } - ] - } - ] - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "ServiceHealth", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "properties.incidentType", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Incident", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Incident Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "Incident", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": [ - { - "actionGroupId": "[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ServiceHealthIncident", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[empty(parameters('BYOActionGroup'))]" - }, - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Incident Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "Incident", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": "[variables('varActionGroupIds')]" - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ServiceHealthIncident", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[not(empty(parameters('BYOActionGroup')))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ServiceHealthIncident", - "dependsOn": [ - "[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": { - "copy": [ - { - "name": "varActionGroupIds", - "mode": "serial", - "count": "[length(parameters('BYOActionGroup'))]", - "input": { - "actionGroupId": "[trim(parameters('BYOActionGroup')[copyIndex('varActionGroupIds')])]" - } - } - ] - }, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_maintenance.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_maintenance.jsonc deleted file mode 100644 index 919e44ef..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_maintenance.jsonc +++ /dev/null @@ -1,409 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_ServiceHealth_Maintenance", - "properties": { - "displayName": "Deploy Service Health Maintenance Alert", - "description": "Policy to Deploy Service Health Maintenance Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "anyOf": [ - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": true - }, - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "contains": "ag-AMBA-SH-" - } - ] - }, - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": false - }, - { - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", - "where": { - "anyOf": [ - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "in": "[parameters('BYOActionGroup')]" - } - ] - } - }, - "greaterOrEquals": 1 - } - ] - } - ] - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "ServiceHealth", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "properties.incidentType", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Maintenance", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Planned Maintenance Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "Maintenance", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": [ - { - "actionGroupId": "[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ServiceHealthPlannedMaintenance", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[empty(parameters('BYOActionGroup'))]" - }, - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Planned Maintenance Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "Maintenance", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": "[variables('varActionGroupIds')]" - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ServiceHealthPlannedMaintenance", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[not(empty(parameters('BYOActionGroup')))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ServiceHealthMaintenance", - "dependsOn": [ - "[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": { - "copy": [ - { - "name": "varActionGroupIds", - "mode": "serial", - "count": "[length(parameters('BYOActionGroup'))]", - "input": { - "actionGroupId": "[trim(parameters('BYOActionGroup')[copyIndex('varActionGroupIds')])]" - } - } - ] - }, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_securityadvisory.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_securityadvisory.jsonc deleted file mode 100644 index d27966fc..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_servicehealth_securityadvisory.jsonc +++ /dev/null @@ -1,409 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_ServiceHealth_SecurityAdvisory", - "properties": { - "displayName": "Deploy Service Health Security Advisory Alert", - "description": "Policy to Deploy Service Health Security Advisory Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "anyOf": [ - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": true - }, - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "contains": "ag-AMBA-SH-" - } - ] - }, - { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": false - }, - { - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*]", - "where": { - "anyOf": [ - { - "field": "Microsoft.Insights/ActivityLogAlerts/actions.actionGroups[*].actionGroupId", - "in": "[parameters('BYOActionGroup')]" - } - ] - } - }, - "greaterOrEquals": 1 - } - ] - } - ] - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "ServiceHealth", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "properties.incidentType", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Security", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "BYOActionGroup": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Security Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "Security", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": [ - { - "actionGroupId": "[concat(subscription().Id, '/resourceGroups/', parameters('alertResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-SH-', subscription().displayName, '-001')]" - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ServiceHealthSecurityIncident", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[empty(parameters('BYOActionGroup'))]" - }, - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Service Health Security Alert", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "ServiceHealth", - "field": "category" - }, - { - "equals": "Security", - "field": "properties.incidentType" - } - ] - }, - "actions": { - "actionGroups": "[variables('varActionGroupIds')]" - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ServiceHealthSecurityIncident", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[not(empty(parameters('BYOActionGroup')))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ServiceSecurityIncident", - "dependsOn": [ - "[resourceId('Microsoft.Resources/resourceGroups', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": { - "copy": [ - { - "name": "varActionGroupIds", - "mode": "serial", - "count": "[length(parameters('BYOActionGroup'))]", - "input": { - "actionGroupId": "[trim(parameters('BYOActionGroup')[copyIndex('varActionGroupIds')])]" - } - } - ] - }, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_storageaccount_delete.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_activitylog_storageaccount_delete.jsonc deleted file mode 100644 index 773eb9bc..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_activitylog_storageaccount_delete.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_StorageAccount_Delete", - "properties": { - "displayName": "Deploy Activity Log Storage Account Delete Alert", - "description": "Policy to Deploy Activity Log Storage Account Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring on resource. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Storage/storageAccounts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.Storage/storageAccounts/delete", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "Activity Log Storage Account Delete", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log Storage Account Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.Storage/storageAccounts/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "Activity Log Storage Account Delete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivitySADelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2018-05-01/subscriptionDeploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_alertprocessing_rule.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_alertprocessing_rule.jsonc deleted file mode 100644 index 654c6fb5..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_alertprocessing_rule.jsonc +++ /dev/null @@ -1,496 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AlertProcessing_Rule", - "properties": { - "displayName": "Deploy AMBA Notification Assets", - "description": "Policy to deploy Action Group and Alert Processing Rule for all AMBA alerts", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - }, - "BYOAlertProcessingRule": { - "defaultValue": "", - "metadata": { - "description": "The Resource ID of an existing Alert Processing Rule already deployed by the customer in his environment", - "displayName": "Customer defined Alert Processing Rule Resource ID" - }, - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "defaultValue": "", - "metadata": { - "description": "Callback URL that triggers the Logic App", - "displayName": "Logic App Callback URL" - }, - "type": "String" - }, - "ALZFunctionResourceId": { - "defaultValue": "", - "metadata": { - "description": "Function Resource Id for Action Group to send alerts to", - "displayName": "Function Resource Id" - }, - "type": "String" - }, - "ALZFunctionTriggerUrl": { - "defaultValue": "", - "metadata": { - "description": "URL that triggers the Function", - "displayName": "Function Trigger URL" - }, - "type": "String" - }, - "ALZLogicappResourceId": { - "defaultValue": "", - "metadata": { - "description": "Logic App Resource Id for Action Group to send alerts to", - "displayName": "Logic App Resource Id" - }, - "type": "String" - }, - "ALZEventHubResourceId": { - "defaultValue": [], - "metadata": { - "description": "Event Hub resource Ids for action group to send alerts to", - "displayName": "Event Hub resource Ids" - }, - "type": "array" - }, - "ALZWebhookServiceUri": { - "defaultValue": [], - "metadata": { - "description": "Indicates the service uri(s) of the webhook to send alerts to", - "displayName": "Webhook Service Uri(s)" - }, - "type": "Array" - }, - "ALZArmRoleId": { - "defaultValue": [], - "metadata": { - "description": "Arm Built-in Role Ids for action group to send alerts to", - "displayName": "Arm Role Ids" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - }, - { - "value": "[empty(parameters('BYOAlertProcessingRule'))]", - "equals": "true" - } - ] - }, - "then": { - "effect": "deployIfNotExists", - "details": { - "type": "Microsoft.AlertsManagement/actionRules", - "existenceCondition": { - "allOf": [ - { - "equals": "AMBA Notification Assets - Alert Processing Rule for Subscription", - "field": "Microsoft.AlertsManagement/actionRules/description" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "ALZMonitorResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "ALZMonitorResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - }, - "BYOAlertProcessingRule": { - "value": "[parameters('BYOAlertProcessingRule')]" - }, - "ALZLogicappCallbackUrl": { - "value": "[parameters('ALZLogicappCallbackUrl')]" - }, - "ALZFunctionResourceId": { - "value": "[parameters('ALZFunctionResourceId')]" - }, - "ALZFunctionTriggerUrl": { - "value": "[parameters('ALZFunctionTriggerUrl')]" - }, - "ALZLogicappResourceId": { - "value": "[parameters('ALZLogicappResourceId')]" - }, - "ALZEventHubResourceId": { - "value": "[parameters('ALZEventHubResourceId')]" - }, - "ALZWebhookServiceUri": { - "value": "[parameters('ALZWebhookServiceUri')]" - }, - "ALZArmRoleId": { - "value": "[parameters('ALZArmRoleId')]" - } - }, - "template": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "type": "string" - }, - "ALZMonitorResourceGroupLocation": { - "type": "string" - }, - "ALZMonitorResourceGroupTags": { - "type": "object" - }, - "BYOActionGroup": { - "type": "array" - }, - "BYOAlertProcessingRule": { - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "type": "String" - }, - "ALZFunctionResourceId": { - "type": "string" - }, - "ALZFunctionTriggerUrl": { - "type": "String" - }, - "ALZLogicappResourceId": { - "type": "string" - }, - "ALZEventHubResourceId": { - "type": "array" - }, - "ALZWebhookServiceUri": { - "type": "Array" - }, - "ALZArmRoleId": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('ALZMonitorResourceGroupLocation')]", - "name": "[parameters('ALZMonitorResourceGroupName')]", - "tags": "[parameters('ALZMonitorResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('ALZMonitorResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - }, - "BYOAlertProcessingRule": { - "value": "[parameters('BYOAlertProcessingRule')]" - }, - "ALZLogicappCallbackUrl": { - "value": "[parameters('ALZLogicappCallbackUrl')]" - }, - "ALZFunctionResourceId": { - "value": "[parameters('ALZFunctionResourceId')]" - }, - "ALZFunctionTriggerUrl": { - "value": "[parameters('ALZFunctionTriggerUrl')]" - }, - "ALZLogicappResourceId": { - "value": "[parameters('ALZLogicappResourceId')]" - }, - "ALZEventHubResourceId": { - "value": "[parameters('ALZEventHubResourceId')]" - }, - "ALZWebhookServiceUri": { - "value": "[parameters('ALZWebhookServiceUri')]" - }, - "ALZArmRoleId": { - "value": "[parameters('ALZArmRoleId')]" - } - }, - "template": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "type": "string" - }, - "BYOActionGroup": { - "type": "array" - }, - "BYOAlertProcessingRule": { - "type": "string" - }, - "ALZLogicappCallbackUrl": { - "type": "string" - }, - "ALZFunctionResourceId": { - "type": "string" - }, - "ALZFunctionTriggerUrl": { - "type": "string" - }, - "ALZLogicappResourceId": { - "type": "string" - }, - "ALZEventHubResourceId": { - "type": "array" - }, - "ALZWebhookServiceUri": { - "type": "Array" - }, - "ALZArmRoleId": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/actionGroups", - "properties": { - "enabled": true, - "azureFunctionReceivers": "[if(empty(parameters('ALZFunctionResourceId')), null(), variables('varAzureFunctionReceivers'))]", - "logicAppReceivers": "[if(empty(parameters('ALZLogicappResourceId')), null(), variables('varLogicAppReceivers'))]", - "eventHubReceivers": "[if(empty(parameters('ALZEventHubResourceId')), null(), variables('varEventHubReceivers'))]", - "webhookReceivers": "[if(empty(parameters('ALZWebhookServiceUri')), null(), variables('varWebhookReceivers'))]", - "armRoleReceivers": "[if(empty(parameters('ALZArmRoleId')), null(), variables('varArmRoleReceivers'))]", - "emailReceivers": "[if(empty(parameters('ALZMonitorActionGroupEmail')), null(), variables('varEmailReceivers'))]", - "groupShortName": "ActGrp" - }, - "apiVersion": "2023-01-01", - "location": "Global", - "name": "[concat('ag-AMBA-', subscription().displayName, '-001')]", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[and(empty(parameters('BYOActionGroup')), empty(parameters('BYOAlertProcessingRule')))]" - }, - { - "type": "Microsoft.AlertsManagement/actionRules", - "properties": { - "description": "AMBA Notification Assets - Alert Processing Rule for Subscription", - "enabled": true, - "scopes": [ - "[subscription().Id]" - ], - "actions": [ - { - "actionType": "AddActionGroups", - "actiongroupIds": "[if(empty(parameters('BYOActionGroup')), array(concat(subscription().Id, '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/microsoft.insights/actionGroups/', 'ag-AMBA-', subscription().displayName, '-001')), variables('varAGIds'))]" - } - ] - }, - "apiVersion": "2021-08-08", - "location": "Global", - "name": "[concat('apr-AMBA-',subscription().displayName, '-001')]", - "tags": { - "_deployed_by_amba": true - }, - "dependsOn": [ - "[concat('ag-AMBA-', subscription().displayName, '-001')]" - ], - "condition": "[empty(parameters('BYOAlertProcessingRule'))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActionGroupDeployment", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('ALZMonitorResourceGroupName'))]" - ] - } - ], - "variables": { - "varAzureFunctionReceivers": [ - { - "name": "AlzFa-0", - "useCommonAlertSchema": true, - "functionAppResourceId": "[if(empty(parameters('ALZFunctionResourceId')), null(), split(trim(parameters('ALZFunctionResourceId')),'/functions/')[0])]", - "httpTriggerUrl": "[if(empty(parameters('ALZFunctionTriggerUrl')), null(), trim(parameters('ALZFunctionTriggerUrl')))]", - "functionName": "[if(empty(parameters('ALZFunctionResourceId')), null(), split(trim(parameters('ALZFunctionResourceId')),'/')[10])]" - } - ], - "copy": [ - { - "name": "varEmailReceivers", - "mode": "serial", - "count": "[length(parameters('ALZMonitorActionGroupEmail'))]", - "input": { - "name": "[concat('AlzMail-', indexOf(parameters('ALZMonitorActionGroupEmail'), parameters('ALZMonitorActionGroupEmail')[copyIndex('varEmailReceivers')]))]", - "useCommonAlertSchema": true, - "emailAddress": "[trim(parameters('ALZMonitorActionGroupEmail')[copyIndex('varEmailReceivers')])]" - } - }, - { - "name": "varArmRoleReceivers", - "mode": "serial", - "count": "[length(parameters('ALZArmRoleId'))]", - "input": { - "name": "[concat('AlzARM-', indexOf(parameters('ALZArmRoleId'), parameters('ALZArmRoleId')[copyIndex('varArmRoleReceivers')]))]", - "useCommonAlertSchema": true, - "roleId": "[trim(parameters('ALZArmRoleId')[copyIndex('varArmRoleReceivers')])]" - } - }, - { - "name": "varEventHubReceivers", - "mode": "serial", - "count": "[length(parameters('ALZEventHubResourceId'))]", - "input": { - "subscriptionId": "[if(empty(parameters('ALZEventHubResourceId')), null(), split(trim(parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]),'/')[2])]", - "tenantId": "[subscription().tenantId]", - "name": "[concat('AlzEH-', indexOf(parameters('ALZEventHubResourceId'), parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]))]", - "useCommonAlertSchema": true, - "eventHubNameSpace": "[if(empty(parameters('ALZEventHubResourceId')), null(), split(trim(parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]),'/')[8])]", - "eventHubName": "[if(empty(parameters('ALZEventHubResourceId')), null(), split(trim(parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]),'/')[10])]" - } - }, - { - "name": "varWebhookReceivers", - "mode": "serial", - "count": "[length(parameters('ALZWebhookServiceUri'))]", - "input": { - "tenantId": "null()", - "name": "[concat('AlzWh-', indexOf(parameters('ALZWebhookServiceUri'), parameters('ALZWebhookServiceUri')[copyIndex('varWebhookReceivers')]))]", - "useCommonAlertSchema": true, - "identifierUri": "null()", - "serviceUri": "[trim(parameters('ALZWebhookServiceUri')[copyIndex('varWebhookReceivers')])]", - "useAadAuth": "false", - "objectId": "null()" - } - }, - { - "name": "varAGIds", - "mode": "serial", - "count": "[length(parameters('BYOActionGroup'))]", - "input": "[trim(parameters('BYOActionGroup')[copyIndex('varAGIds')])]" - } - ], - "varLogicAppReceivers": [ - { - "resourceId": "[if(empty(parameters('ALZLogicappResourceId')), null(), trim(parameters('ALZLogicappResourceId')))]", - "name": "AlzLA-0", - "useCommonAlertSchema": true, - "callbackUrl": "[if(empty(parameters('ALZLogicappCallbackUrl')), null(), trim(parameters('ALZLogicappCallbackUrl')))]" - } - ], - "varBYOAlertProcessingRule": "[if(empty(parameters('BYOAlertProcessingRule')), null(), trim(parameters('BYOAlertProcessingRule')))]" - }, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('ALZMonitorResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_laworkspace_dailycaplimitreached_alert.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_laworkspace_dailycaplimitreached_alert.jsonc deleted file mode 100644 index 37330b74..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_laworkspace_dailycaplimitreached_alert.jsonc +++ /dev/null @@ -1,485 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_LAWorkspace_DailyCapLimitReached_Alert", - "properties": { - "displayName": "Deploy LA Workspace Daily Cap Limit Reached Alert", - "description": "Policy to audit/deploy LA Workspace Daily Cap Limit Reached Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT10M", - "PT15M", - "PT30M", - "PT45M", - "PT1H", - "PT2H", - "PT3H", - "PT4H", - "PT5H", - "PT6H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT10M", - "PT15M", - "PT30M", - "PT45M", - "PT1H", - "PT2H", - "PT3H", - "PT4H", - "PT5H", - "PT6H", - "P1D" - ], - "defaultValue": "P1D", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "timeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "TimeAggregation" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "UAMIResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity.", - "displayName": "User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "operator": { - "allowedValues": [ - "GreaterThan", - "GreaterThanOrEqual" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Operator" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.OperationalInsights/workspaces", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/scheduledQueryRules", - "existenceCondition": { - "allOf": [ - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.OperationalInsights/workspaces/', field('fullName'))]", - "field": "Microsoft.Insights/scheduledQueryRules/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/scheduledQueryRules/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/scheduledQueryRules/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/scheduledQueryRules/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/scheduledQueryRules/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/scheduledQueryRules/autoMitigate" - }, - { - "equals": "[parameters('threshold')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].threshold" - }, - { - "equals": "[parameters('operator')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].operator" - }, - { - "equals": "[parameters('timeAggregation')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].timeAggregation" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.numberOfEvaluationPeriods" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[format('let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.OperationalInsights/workspaces\" | where parse_json(tostring(tags.{0})) in~ (\"{1}\") | project customerId = tostring(properties.customerId)); let workspaceResources = (arg(\"\").resources | where type =~ \"Microsoft.OperationalInsights/workspaces\" | project id, customerId = tostring(properties.customerId), workspaceName = tostring(name)); Operation | where TenantId !in~ (excludedResources) | where OperationCategory == \"Data Collection Status\" | where Detail has_any(\"RespectQuota\", \"OverQuota\") | summarize arg_max(TimeGenerated, *) by TenantId | where Detail has \"OverQuota\" | join hint.remote=left kind=inner workspaceResources on $left.TenantId == $right.customerId | project TimeGenerated, id, workspaceName, workspaceId = TenantId, Detail', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'))]", - "field": "Microsoft.Insights/scheduledQueryRules/criteria.allOf[*].query" - }, - { - "field": "identity.userAssignedIdentities", - "containsKey": "[parameters('UAMIResourceId')]" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceLocation": { - "value": "[field('location')]" - }, - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceLocation": { - "metadata": { - "description": "Location of the resource", - "displayName": "resourceLocation" - }, - "type": "String" - }, - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "MonitorDisableTagValues": { - "type": "Array" - }, - "MonitorDisableTagName": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "timeAggregation": { - "type": "String" - }, - "UAMIResourceId": { - "type": "string" - }, - "operator": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/scheduledQueryRules", - "properties": { - "description": "Log Alert for Daily Cap Limit Reached", - "displayName": "[concat(parameters('resourceName'), '-DailyCapLimitReachedAlert')]", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('MonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('MonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('timeAggregation')]" - }, - "UAMIResourceId": { - "value": "[parameters('UAMIResourceId')]" - }, - "operator": { - "value": "[parameters('operator')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "[parameters('timeAggregation')]", - "operator": "[parameters('operator')]", - "resourceIdColumn": "id", - "dimensions": [ - { - "operator": "Include", - "name": "workspaceName", - "values": [ - "*" - ] - } - ], - "query": "[format('let excludedResources = (arg(\"\").resources | where type =~ \"Microsoft.OperationalInsights/workspaces\" | where parse_json(tostring(tags.{0})) in~ (\"{1}\") | project customerId = tostring(properties.customerId)); let workspaceResources = (arg(\"\").resources | where type =~ \"Microsoft.OperationalInsights/workspaces\" | project id, customerId = tostring(properties.customerId), workspaceName = tostring(name)); Operation | where TenantId !in~ (excludedResources) | where OperationCategory == \"Data Collection Status\" | where Detail has_any(\"RespectQuota\", \"OverQuota\") | summarize arg_max(TimeGenerated, *) by TenantId | where Detail has \"OverQuota\" | join hint.remote=left kind=inner workspaceResources on $left.TenantId == $right.customerId | project TimeGenerated, id, workspaceName, workspaceId = TenantId, Detail', parameters('MonitorDisableTagName'), join(parameters('MonitorDisableTagValues'), '\",\"'))]" - } - ] - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2022-08-01-preview", - "location": "[parameters('resourceLocation')]", - "name": "[concat(parameters('resourceName'), '-DailyCapLimitReachedAlert')]", - "tags": { - "_deployed_by_amba": true - }, - "identity": { - "type": "UserAssigned", - "userAssignedIdentities": { - "[parameters('UAMIResourceId')]": {} - } - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_servicehealth_actiongroups.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_servicehealth_actiongroups.jsonc deleted file mode 100644 index 50fdded0..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_servicehealth_actiongroups.jsonc +++ /dev/null @@ -1,467 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ServiceHealth_ActionGroups", - "properties": { - "displayName": "Deploy Service Health Action Group", - "description": "Policy to deploy action group for Service Health alerts", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - }, - "BYOAlertProcessingRule": { - "defaultValue": "", - "metadata": { - "description": "The Resource ID of an existing Alert Processing Rule already deployed by the customer in his environment", - "displayName": "Customer defined Alert Processing Rule Resource ID" - }, - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "defaultValue": "", - "metadata": { - "description": "Callback URL that triggers the Logic App", - "displayName": "Logic App Callback URL" - }, - "type": "String" - }, - "ALZFunctionResourceId": { - "defaultValue": "", - "metadata": { - "description": "Function Resource Id for Action Group to send alerts to", - "displayName": "Function Resource Id" - }, - "type": "String" - }, - "ALZFunctionTriggerUrl": { - "defaultValue": "", - "metadata": { - "description": "URL that triggers the Function", - "displayName": "Function Trigger URL" - }, - "type": "String" - }, - "ALZLogicappResourceId": { - "defaultValue": "", - "metadata": { - "description": "Logic App Resource Id for Action Group to send alerts to", - "displayName": "Logic App Resource Id" - }, - "type": "String" - }, - "ALZEventHubResourceId": { - "defaultValue": [], - "metadata": { - "description": "Event Hub resource Ids for action group to send alerts to", - "displayName": "Event Hub resource Ids" - }, - "type": "array" - }, - "ALZWebhookServiceUri": { - "defaultValue": [], - "metadata": { - "description": "Indicates the service uri(s) of the webhook to send alerts to", - "displayName": "Webhook Service Uri(s)" - }, - "type": "Array" - }, - "ALZArmRoleId": { - "defaultValue": [], - "metadata": { - "description": "Arm Built-in Role Ids for action group to send alerts to", - "displayName": "Arm Role Ids" - }, - "type": "array" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - }, - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": "true" - } - ] - }, - "then": { - "effect": "deployIfNotExists", - "details": { - "type": "Microsoft.Insights/actionGroups", - "existenceCondition": { - "allOf": [ - { - "value": "[empty(parameters('BYOActionGroup'))]", - "equals": true - }, - { - "equals": "SH-ActGrp", - "field": "Microsoft.Insights/actionGroups/groupShortName" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "ALZMonitorResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "ALZMonitorResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - }, - "BYOAlertProcessingRule": { - "value": "[parameters('BYOAlertProcessingRule')]" - }, - "ALZLogicappCallbackUrl": { - "value": "[parameters('ALZLogicappCallbackUrl')]" - }, - "ALZFunctionResourceId": { - "value": "[parameters('ALZFunctionResourceId')]" - }, - "ALZFunctionTriggerUrl": { - "value": "[parameters('ALZFunctionTriggerUrl')]" - }, - "ALZLogicappResourceId": { - "value": "[parameters('ALZLogicappResourceId')]" - }, - "ALZEventHubResourceId": { - "value": "[parameters('ALZEventHubResourceId')]" - }, - "ALZWebhookServiceUri": { - "value": "[parameters('ALZWebhookServiceUri')]" - }, - "ALZArmRoleId": { - "value": "[parameters('ALZArmRoleId')]" - } - }, - "template": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "type": "string" - }, - "ALZMonitorResourceGroupLocation": { - "type": "string" - }, - "ALZMonitorResourceGroupTags": { - "type": "object" - }, - "BYOActionGroup": { - "type": "array" - }, - "BYOAlertProcessingRule": { - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "type": "String" - }, - "ALZFunctionResourceId": { - "type": "string" - }, - "ALZFunctionTriggerUrl": { - "type": "String" - }, - "ALZLogicappResourceId": { - "type": "string" - }, - "ALZEventHubResourceId": { - "type": "array" - }, - "ALZWebhookServiceUri": { - "type": "Array" - }, - "ALZArmRoleId": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('ALZMonitorResourceGroupLocation')]", - "name": "[parameters('ALZMonitorResourceGroupName')]", - "tags": "[parameters('ALZMonitorResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('ALZMonitorResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - }, - "BYOAlertProcessingRule": { - "value": "[parameters('BYOAlertProcessingRule')]" - }, - "ALZLogicappCallbackUrl": { - "value": "[parameters('ALZLogicappCallbackUrl')]" - }, - "ALZFunctionResourceId": { - "value": "[parameters('ALZFunctionResourceId')]" - }, - "ALZFunctionTriggerUrl": { - "value": "[parameters('ALZFunctionTriggerUrl')]" - }, - "ALZLogicappResourceId": { - "value": "[parameters('ALZLogicappResourceId')]" - }, - "ALZEventHubResourceId": { - "value": "[parameters('ALZEventHubResourceId')]" - }, - "ALZWebhookServiceUri": { - "value": "[parameters('ALZWebhookServiceUri')]" - }, - "ALZArmRoleId": { - "value": "[parameters('ALZArmRoleId')]" - } - }, - "template": { - "parameters": { - "ALZMonitorActionGroupEmail": { - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "type": "string" - }, - "BYOActionGroup": { - "type": "array" - }, - "BYOAlertProcessingRule": { - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "type": "string" - }, - "ALZFunctionResourceId": { - "type": "string" - }, - "ALZFunctionTriggerUrl": { - "type": "string" - }, - "ALZLogicappResourceId": { - "type": "string" - }, - "ALZEventHubResourceId": { - "type": "array" - }, - "ALZWebhookServiceUri": { - "type": "Array" - }, - "ALZArmRoleId": { - "type": "array" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/actionGroups", - "properties": { - "enabled": true, - "azureFunctionReceivers": "[if(empty(parameters('ALZFunctionResourceId')), null(), variables('varAzureFunctionReceivers'))]", - "logicAppReceivers": "[if(empty(parameters('ALZLogicappResourceId')), null(), variables('varLogicAppReceivers'))]", - "eventHubReceivers": "[if(empty(parameters('ALZEventHubResourceId')), null(), variables('varEventHubReceivers'))]", - "webhookReceivers": "[if(empty(parameters('ALZWebhookServiceUri')), null(), variables('varWebhookReceivers'))]", - "armRoleReceivers": "[if(empty(parameters('ALZArmRoleId')), null(), variables('varArmRoleReceivers'))]", - "emailReceivers": "[if(empty(parameters('ALZMonitorActionGroupEmail')), null(), variables('varEmailReceivers'))]", - "groupShortName": "SH-ActGrp" - }, - "apiVersion": "2023-01-01", - "location": "Global", - "name": "[concat('ag-AMBA-SH-', subscription().displayName, '-001')]", - "tags": { - "_deployed_by_amba": true - }, - "condition": "[empty(parameters('BYOActionGroup'))]" - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "SH-ActionGroupDeployment", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('ALZMonitorResourceGroupName'))]" - ] - } - ], - "variables": { - "varAzureFunctionReceivers": [ - { - "name": "AlzFa-0", - "useCommonAlertSchema": true, - "functionAppResourceId": "[if(empty(parameters('ALZFunctionResourceId')), null(), split(trim(parameters('ALZFunctionResourceId')),'/functions/')[0])]", - "httpTriggerUrl": "[if(empty(parameters('ALZFunctionTriggerUrl')), null(), trim(parameters('ALZFunctionTriggerUrl')))]", - "functionName": "[if(empty(parameters('ALZFunctionResourceId')), null(), split(trim(parameters('ALZFunctionResourceId')),'/')[10])]" - } - ], - "copy": [ - { - "name": "varEmailReceivers", - "mode": "serial", - "count": "[length(parameters('ALZMonitorActionGroupEmail'))]", - "input": { - "name": "[concat('AlzMail-', indexOf(parameters('ALZMonitorActionGroupEmail'), parameters('ALZMonitorActionGroupEmail')[copyIndex('varEmailReceivers')]))]", - "useCommonAlertSchema": true, - "emailAddress": "[trim(parameters('ALZMonitorActionGroupEmail')[copyIndex('varEmailReceivers')])]" - } - }, - { - "name": "varArmRoleReceivers", - "mode": "serial", - "count": "[length(parameters('ALZArmRoleId'))]", - "input": { - "name": "[concat('AlzARM-', indexOf(parameters('ALZArmRoleId'), parameters('ALZArmRoleId')[copyIndex('varArmRoleReceivers')]))]", - "useCommonAlertSchema": true, - "roleId": "[trim(parameters('ALZArmRoleId')[copyIndex('varArmRoleReceivers')])]" - } - }, - { - "name": "varEventHubReceivers", - "mode": "serial", - "count": "[length(parameters('ALZEventHubResourceId'))]", - "input": { - "subscriptionId": "[if(empty(parameters('ALZEventHubResourceId')), null(), split(trim(parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]),'/')[2])]", - "tenantId": "[subscription().tenantId]", - "name": "[concat('AlzEH-', indexOf(parameters('ALZEventHubResourceId'), parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]))]", - "useCommonAlertSchema": true, - "eventHubNameSpace": "[if(empty(parameters('ALZEventHubResourceId')), null(), split(trim(parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]),'/')[8])]", - "eventHubName": "[if(empty(parameters('ALZEventHubResourceId')), null(), split(trim(parameters('ALZEventHubResourceId')[copyIndex('varEventHubReceivers')]),'/')[10])]" - } - }, - { - "name": "varWebhookReceivers", - "mode": "serial", - "count": "[length(parameters('ALZWebhookServiceUri'))]", - "input": { - "tenantId": "null()", - "name": "[concat('AlzWh-', indexOf(parameters('ALZWebhookServiceUri'), parameters('ALZWebhookServiceUri')[copyIndex('varWebhookReceivers')]))]", - "useCommonAlertSchema": true, - "identifierUri": "null()", - "serviceUri": "[trim(parameters('ALZWebhookServiceUri')[copyIndex('varWebhookReceivers')])]", - "useAadAuth": "false", - "objectId": "null()" - } - } - ], - "varLogicAppReceivers": [ - { - "resourceId": "[if(empty(parameters('ALZLogicappResourceId')), null(), trim(parameters('ALZLogicappResourceId')))]", - "name": "AlzLA-0", - "useCommonAlertSchema": true, - "callbackUrl": "[if(empty(parameters('ALZLogicappCallbackUrl')), null(), trim(parameters('ALZLogicappCallbackUrl')))]" - } - ] - }, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('ALZMonitorResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Monitoring/deploy_suppression_alertprocessing_rule.jsonc b/Definitions/policyDefinitions/Monitoring/deploy_suppression_alertprocessing_rule.jsonc deleted file mode 100644 index d51c523a..00000000 --- a/Definitions/policyDefinitions/Monitoring/deploy_suppression_alertprocessing_rule.jsonc +++ /dev/null @@ -1,194 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_Suppression_AlertProcessing_Rule", - "properties": { - "displayName": "Deploy AMBA Notification Suppression Asset", - "description": "Policy to deploy empty and disabled suppression Alert Processing Rule for all AMBA alerts", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Resources/subscriptions", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "deployIfNotExists", - "details": { - "type": "Microsoft.AlertsManagement/actionRules", - "existenceCondition": { - "allOf": [ - { - "equals": "AMBA Notification Assets - Suppression Alert Processing Rule for maintenance period for Subscription", - "field": "Microsoft.AlertsManagement/actionRules/description" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "ALZMonitorResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "ALZMonitorResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "ALZMonitorResourceGroupName": { - "type": "string" - }, - "ALZMonitorResourceGroupLocation": { - "type": "string" - }, - "ALZMonitorResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('ALZMonitorResourceGroupLocation')]", - "name": "[parameters('ALZMonitorResourceGroupName')]", - "tags": "[parameters('ALZMonitorResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('ALZMonitorResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - }, - "template": { - "parameters": { - "ALZMonitorResourceGroupName": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.AlertsManagement/actionRules", - "properties": { - "description": "AMBA Notification Assets - Suppression Alert Processing Rule for maintenance period for Subscription", - "enabled": false, - "scopes": [ - "[subscription().Id]" - ], - "actions": [ - { - "actionType": "RemoveAllActionGroups" - } - ] - }, - "apiVersion": "2021-08-08", - "location": "Global", - "name": "[concat('apr-AMBA-',subscription().displayName, '-002')]", - "tags": { - "_deployed_by_amba": true - }, - "dependsOn": [] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "SuppressionRuleDeployment", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('ALZMonitorResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('ALZMonitorResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_activitylog_firewall_delete.jsonc b/Definitions/policyDefinitions/Network/deploy_activitylog_firewall_delete.jsonc deleted file mode 100644 index 9251ee15..00000000 --- a/Definitions/policyDefinitions/Network/deploy_activitylog_firewall_delete.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_Firewall_Delete", - "properties": { - "displayName": "Deploy Activity Log Azure FireWall Delete Alert", - "description": "Policy to Deploy Activity Log Azure Firewall Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/azureFirewalls", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.Network/azureFirewalls/delete", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityAzureFirewallDelete", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2020-10-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log Firewall Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.Network/azurefirewalls/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityAzureFirewallDelete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityAzureFirewallDelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourceGroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_activitylog_nsg_delete.jsonc b/Definitions/policyDefinitions/Network/deploy_activitylog_nsg_delete.jsonc deleted file mode 100644 index 5a891a46..00000000 --- a/Definitions/policyDefinitions/Network/deploy_activitylog_nsg_delete.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_NSG_Delete", - "properties": { - "displayName": "Deploy Activity Log NSG Delete Alert", - "description": "Policy to Deploy Activity Log NSG Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/networkSecurityGroups", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.Network/networkSecurityGroups/delete", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityNSGDelete", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log NSG Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.Network/networkSecurityGroups/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityNSGDelete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityNSGDelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_activitylog_routetable_update.jsonc b/Definitions/policyDefinitions/Network/deploy_activitylog_routetable_update.jsonc deleted file mode 100644 index 954cbe6d..00000000 --- a/Definitions/policyDefinitions/Network/deploy_activitylog_routetable_update.jsonc +++ /dev/null @@ -1,282 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_RouteTable_Update", - "properties": { - "displayName": "Deploy Activity Log Route Table Update Alert", - "description": "Policy to Deploy Activity Log Route Table Update Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/routeTables", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.Network/routeTables/routes/write", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "name": "ActivityUDRUpdate", - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log Route table update", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.Network/routeTables/routes/write", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityUDRUpdate", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityUDRUpdate", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_activitylog_vpngateway_delete.jsonc b/Definitions/policyDefinitions/Network/deploy_activitylog_vpngateway_delete.jsonc deleted file mode 100644 index fa59368c..00000000 --- a/Definitions/policyDefinitions/Network/deploy_activitylog_vpngateway_delete.jsonc +++ /dev/null @@ -1,281 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_activitylog_VPNGateway_Delete", - "properties": { - "displayName": "Deploy Activity Log VPN Gateway Delete Alert", - "description": "Policy to Deploy Activity Log VPN Gateway Delete Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "alertResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the Resource group the alert is placed in", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "alertResourceGroupName": { - "defaultValue": "rg-amba-monitoring-001", - "metadata": { - "description": "Resource group the alert is placed in", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "alertResourceGroupTags": { - "defaultValue": { - "Project": "amba-monitoring" - }, - "metadata": { - "description": "Tags on the Resource group the alert is placed in", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/vpnGateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/activityLogAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/ActivityLogAlerts/enabled" - }, - { - "equals": 2, - "count": { - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*]", - "where": { - "anyOf": [ - { - "allOf": [ - { - "equals": "category", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Administrative", - "field": "Microsoft.Insights/ActivityLogAlerts/condition.allOf[*].equals" - } - ] - }, - { - "allOf": [ - { - "equals": "operationName", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].field" - }, - { - "equals": "Microsoft.Network/vpnGateways/delete", - "field": "microsoft.insights/activityLogAlerts/condition.allOf[*].equals" - } - ] - } - ] - } - } - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "alertResourceGroupLocation": { - "value": "[parameters('alertResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('alertResourceGroupTags')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupLocation": { - "type": "string" - }, - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - }, - "alertResourceGroupTags": { - "type": "object" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Resources/resourceGroups", - "apiVersion": "2021-04-01", - "location": "[parameters('alertResourceGroupLocation')]", - "name": "[parameters('alertResourceGroupName')]", - "tags": "[parameters('alertResourceGroupTags')]" - }, - { - "resourceGroup": "[parameters('alertResourceGroupName')]", - "type": "Microsoft.Resources/deployments", - "properties": { - "parameters": { - "alertResourceGroupName": { - "value": "[parameters('alertResourceGroupName')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "template": { - "parameters": { - "alertResourceGroupName": { - "type": "string" - }, - "enabled": { - "type": "string" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "microsoft.insights/activityLogAlerts", - "properties": { - "description": "Activity Log VPN Gateway Delete", - "parameters": { - "enabled": { - "value": "[parameters('enabled')]" - } - }, - "enabled": "[parameters('enabled')]", - "scopes": [ - "[subscription().id]" - ], - "condition": { - "allOf": [ - { - "equals": "Administrative", - "field": "category" - }, - { - "equals": "Microsoft.Network/vpnGateways/delete", - "field": "operationName" - }, - { - "field": "status", - "containsAny": [ - "succeeded" - ] - } - ] - } - }, - "apiVersion": "2020-10-01", - "location": "global", - "name": "ActivityVPNGatewayDelete", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "Incremental" - }, - "apiVersion": "2019-10-01", - "name": "ActivityVPNGatewayDelete", - "dependsOn": [ - "[concat('Microsoft.Resources/resourceGroups/', parameters('alertResourceGroupName'))]" - ] - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - }, - "location": "australiaeast" - }, - "resourceGroupName": "[parameters('alertResourceGroupName')]", - "deploymentScope": "subscription", - "existenceScope": "resourcegroup" - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_afw_firewallhealth_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_afw_firewallhealth_alert.jsonc deleted file mode 100644 index 428523b4..00000000 --- a/Definitions/policyDefinitions/Network/deploy_afw_firewallhealth_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AFW_FirewallHealth_Alert", - "properties": { - "displayName": "Deploy AFW FirewallHealth Alert", - "description": "Policy to audit/deploy Azure Firewall FirewallHealth Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/azureFirewalls", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/azureFirewalls", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "FirewallHealth", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-FirewallHealth-threshold-Override_'), field('tags._amba-FirewallHealth-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-FirewallHealth-threshold-Override_'), field('tags._amba-FirewallHealth-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for AFW FirewallHealth", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "FirewallHealth", - "metricNamespace": "Microsoft.Network/azureFirewalls", - "criterionType": "StaticThresholdCriterion", - "metricName": "FirewallHealth" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-FirewallHealth')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_afw_snatportutilization_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_afw_snatportutilization_alert.jsonc deleted file mode 100644 index 732c4438..00000000 --- a/Definitions/policyDefinitions/Network/deploy_afw_snatportutilization_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AFW_SNATPortUtilization_Alert", - "properties": { - "displayName": "Deploy AFW SNATPortUtilization Alert", - "description": "Policy to audit/deploy Azure Firewall SNATPortUtilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/azureFirewalls", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/azureFirewalls", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "SNATPortUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/azureFirewalls/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-SNATPortUtilization-threshold-Override_'), field('tags._amba-SNATPortUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-SNATPortUtilization-threshold-Override_'), field('tags._amba-SNATPortUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for AFW SNATPortUtilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "SNATPortUtilization", - "metricNamespace": "Microsoft.Network/azureFirewalls", - "criterionType": "StaticThresholdCriterion", - "metricName": "SNATPortUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-SNATPortUtilization')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_dnsz_registrationcapacityutil_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_dnsz_registrationcapacityutil_alert.jsonc deleted file mode 100644 index 587a7eb0..00000000 --- a/Definitions/policyDefinitions/Network/deploy_dnsz_registrationcapacityutil_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_DNSZ_RegistrationCapacityUtil_Alert", - "properties": { - "displayName": "Deploy PDNSZ Registration Capacity Utilization Alert", - "description": "Policy to audit/deploy Private DNS Zone Registration Capacity Utilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "VirtualNetworkWithRegistrationCapacityUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Maximum", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThanOrEqual", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkWithRegistrationCapacityUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Private DNS Zone Registration Capacity Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Maximum", - "operator": "GreaterThanOrEqual", - "name": "VirtualNetworkWithRegistrationCapacityUtilization", - "metricNamespace": "Microsoft.Network/privateDnsZones", - "criterionType": "StaticThresholdCriterion", - "metricName": "VirtualNetworkWithRegistrationCapacityUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-RequestsAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ercir_arpavailability_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ercir_arpavailability_alert.jsonc deleted file mode 100644 index c35b0d4d..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ercir_arpavailability_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERCIR_ArpAvailability_Alert", - "properties": { - "displayName": "Deploy ExpressRoute Circuits Arp Availability Alert", - "description": "Policy to audit/deploy ExpressRoute Circuits Arp Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ArpAvailability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ArpAvailability-threshold-Override_'), field('tags._amba-ArpAvailability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ArpAvailability-threshold-Override_'), field('tags._amba-ArpAvailability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ExpressRoute Circuit Arp Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "ArpAvailability", - "metricNamespace": "Microsoft.Network/expressRouteCircuits", - "criterionType": "StaticThresholdCriterion", - "metricName": "ArpAvailability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-ArpAvailability')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ercir_bgpavailability_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ercir_bgpavailability_alert.jsonc deleted file mode 100644 index f5f54dd2..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ercir_bgpavailability_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERCIR_BgpAvailability_Alert", - "properties": { - "displayName": "Deploy ExpressRoute Circuits Bgp Availability Alert", - "description": "Policy to audit/deploy ExpressRoute Circuits Bgp Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "BgpAvailability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-BgpAvailability-threshold-Override_'), field('tags._amba-BgpAvailability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-BgpAvailability-threshold-Override_'), field('tags._amba-BgpAvailability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ExpressRoute Circuit Bgp Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "BgpAvailability", - "metricNamespace": "Microsoft.Network/expressRouteCircuits", - "criterionType": "StaticThresholdCriterion", - "metricName": "BgpAvailability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-BgpAvailability')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ercir_qosdropbitsinpersecond_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ercir_qosdropbitsinpersecond_alert.jsonc deleted file mode 100644 index b8bb12a9..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ercir_qosdropbitsinpersecond_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERCIR_QosDropBitsInPerSecond_Alert", - "properties": { - "displayName": "Deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert", - "description": "Policy to audit/deploy ExpressRoute Circuits QosDropBitsInPerSecond Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "QosDropBitsInPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ExpressRoute Circuit QosDropBitsInPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "QosDropBitsInPerSecond", - "metricNamespace": "Microsoft.Network/expressRouteCircuits", - "criterionType": "DynamicThresholdCriterion", - "metricName": "QosDropBitsInPerSecond", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-QosDropBitsInPerSecond')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ercir_qosdropbitsoutpersecond_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ercir_qosdropbitsoutpersecond_alert.jsonc deleted file mode 100644 index ce547837..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ercir_qosdropbitsoutpersecond_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERCIR_QosDropBitsOutPerSecond_Alert", - "properties": { - "displayName": "Deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert", - "description": "Policy to audit/deploy ExpressRoute Circuits QosDropBitsOutPerSecond Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRouteCircuits", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "QosDropBitsOutPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRouteCircuits/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ExpressRoute Circuit QosDropBitsOutPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "QosDropBitsOutPerSecond", - "metricNamespace": "Microsoft.Network/expressRouteCircuits", - "criterionType": "DynamicThresholdCriterion", - "metricName": "QosDropBitsOutPerSecond", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-QosDropBitsOutPerSecond')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ergw_expressroutebitsin_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ergw_expressroutebitsin_alert.jsonc deleted file mode 100644 index 64349b33..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ergw_expressroutebitsin_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERGw_ExpressRouteBitsIn_Alert", - "properties": { - "displayName": "Deploy ERG ExpressRoute Bits In Alert", - "description": "Policy to audit/deploy ER Gateway Connection BitsInPerSecond Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressroutegateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressroutegateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ERGatewayConnectionBitsInPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressroutegateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Gateway Connection BitsInPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "ERGatewayConnectionBitsInPerSecond", - "metricNamespace": "Microsoft.Network/expressroutegateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "ERGatewayConnectionBitsInPerSecond" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-GatewayERBitsInAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ergw_expressroutebitsout_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ergw_expressroutebitsout_alert.jsonc deleted file mode 100644 index a3517f1d..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ergw_expressroutebitsout_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERGw_ExpressRouteBitsOut_Alert", - "properties": { - "displayName": "Deploy ERG ExpressRoute Bits Out Alert", - "description": "Policy to audit/deploy ER Gateway Connection BitsOutPerSecond Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressroutegateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressroutegateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ERGatewayConnectionBitsOutPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressroutegateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), field('tags._amba-ERGatewayConnectionBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Gateway Connection BitsOutPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "ERGatewayConnectionBitsOutPerSecond", - "metricNamespace": "Microsoft.Network/expressroutegateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "ERGatewayConnectionBitsOutPerSecond" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-GatewayERBitsOutAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_ergw_expressroutecpuutil_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_ergw_expressroutecpuutil_alert.jsonc deleted file mode 100644 index 2a76533d..00000000 --- a/Definitions/policyDefinitions/Network/deploy_ergw_expressroutecpuutil_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERGw_ExpressRouteCpuUtil_Alert", - "properties": { - "displayName": "Deploy ERG ExpressRoute CPU Utilization Alert", - "description": "Policy to audit/deploy ER Gateway Express Route CPU Utilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressroutegateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressroutegateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ExpressRouteGatewayCpuUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressroutegateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Gateway Express Route CPU Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ExpressRouteGatewayCpuUtilization", - "metricNamespace": "Microsoft.Network/expressroutegateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "ExpressRouteGatewayCpuUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-GatewayERCPUAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_pdnsz_capacityutil_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_pdnsz_capacityutil_alert.jsonc deleted file mode 100644 index 4fd461cd..00000000 --- a/Definitions/policyDefinitions/Network/deploy_pdnsz_capacityutil_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PDNSZ_CapacityUtil_Alert", - "properties": { - "displayName": "Deploy PDNSZ Capacity Utilization Alert", - "description": "Policy to audit/deploy Private DNS Zone Capacity Utilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "VirtualNetworkLinkCapacityUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Maximum", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThanOrEqual", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), field('tags._amba-VirtualNetworkLinkCapacityUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Private DNS Zone Virtual Network Link Capacity Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Maximum", - "operator": "GreaterThanOrEqual", - "name": "VirtualNetworkLinkCapacityUtilization", - "metricNamespace": "Microsoft.Network/privateDnsZones", - "criterionType": "StaticThresholdCriterion", - "metricName": "VirtualNetworkLinkCapacityUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-CapacityUtilizationAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_pdnsz_queryvolume_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_pdnsz_queryvolume_alert.jsonc deleted file mode 100644 index 242a1178..00000000 --- a/Definitions/policyDefinitions/Network/deploy_pdnsz_queryvolume_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PDNSZ_QueryVolume_Alert", - "properties": { - "displayName": "Deploy PDNSZ Query Volume Alert", - "description": "Policy to audit/deploy Private DNS Zone Query Volume Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "500", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "QueryVolume", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Total", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThanOrEqual", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-QueryVolume-threshold-Override_'), field('tags._amba-QueryVolume-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-QueryVolume-threshold-Override_'), field('tags._amba-QueryVolume-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Private DNS Query Volume", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Total", - "operator": "GreaterThanOrEqual", - "name": "QueryVolume", - "metricNamespace": "Microsoft.Network/privateDnsZones", - "criterionType": "StaticThresholdCriterion", - "metricName": "QueryVolume" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-QueryVolumeAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_pdnsz_recordsetcapacity_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_pdnsz_recordsetcapacity_alert.jsonc deleted file mode 100644 index 9c811ced..00000000 --- a/Definitions/policyDefinitions/Network/deploy_pdnsz_recordsetcapacity_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PDNSZ_RecordSetCapacity_Alert", - "properties": { - "displayName": "Deploy PDNSZ Record Set Capacity Alert", - "description": "Policy to audit/deploy Private DNS Zone Record Set Capacity Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/privateDnsZones", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "RecordSetCapacityUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/privateDnsZones/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Maximum", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThanOrEqual", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-RecordSetCapacityUtilization-threshold-Override_'), field('tags._amba-RecordSetCapacityUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Private DNS Zone Record Set Capacity Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Maximum", - "operator": "GreaterThanOrEqual", - "name": "RecordSetCapacityUtilization", - "metricNamespace": "Microsoft.Network/privateDnsZones", - "criterionType": "StaticThresholdCriterion", - "metricName": "RecordSetCapacityUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-RecordSet_Capacity_Utilization')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_publicip_bytesinddosattack_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_publicip_bytesinddosattack_alert.jsonc deleted file mode 100644 index 352de590..00000000 --- a/Definitions/policyDefinitions/Network/deploy_publicip_bytesinddosattack_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PublicIp_BytesInDDoSAttack_Alert", - "properties": { - "displayName": "Deploy PIP Bytes in DDoS Attack Alert", - "description": "Policy to audit/deploy PIP Bytes in DDoS Attack Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "8000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "bytesinddos", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Maximum", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-bytesinddos-threshold-Override_'), field('tags._amba-bytesinddos-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-bytesinddos-threshold-Override_'), field('tags._amba-bytesinddos-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Public IP Address Bytes IN DDOS", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Maximum", - "operator": "GreaterThan", - "name": "bytesinddos", - "metricNamespace": "Microsoft.Network/publicIPAddresses", - "criterionType": "StaticThresholdCriterion", - "metricName": "bytesinddos" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-BytesInDDOSAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_publicip_ddosattack_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_publicip_ddosattack_alert.jsonc deleted file mode 100644 index d0764bde..00000000 --- a/Definitions/policyDefinitions/Network/deploy_publicip_ddosattack_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PublicIp_DDoSAttack_Alert", - "properties": { - "displayName": "Deploy PIP DDoS Attack Alert", - "description": "Policy to audit/deploy PIP DDoS Attack Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ifunderddosattack", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Maximum", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ifunderddosattack-threshold-Override_'), field('tags._amba-ifunderddosattack-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ifunderddosattack-threshold-Override_'), field('tags._amba-ifunderddosattack-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Public IP Address Under Attack", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Maximum", - "operator": "GreaterThan", - "name": "ifunderddosattack", - "metricNamespace": "Microsoft.Network/publicIPAddresses", - "criterionType": "StaticThresholdCriterion", - "metricName": "ifunderddosattack" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DDOS_Attack')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_publicip_packetsinddosattack_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_publicip_packetsinddosattack_alert.jsonc deleted file mode 100644 index 3228a675..00000000 --- a/Definitions/policyDefinitions/Network/deploy_publicip_packetsinddosattack_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PublicIp_PacketsInDDoSAttack_Alert", - "properties": { - "displayName": "Deploy PIP Packets in DDoS Attack Alert", - "description": "Policy to audit/deploy PIP Packets in DDoS Attack Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "40000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "PacketsInDDoS", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Total", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThanOrEqual", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-PacketsInDDoS-threshold-Override_'), field('tags._amba-PacketsInDDoS-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-PacketsInDDoS-threshold-Override_'), field('tags._amba-PacketsInDDoS-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Public IP Address Packets IN DDOS", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Total", - "operator": "GreaterThanOrEqual", - "name": "PacketsInDDoS", - "metricNamespace": "Microsoft.Network/publicIPAddresses", - "criterionType": "StaticThresholdCriterion", - "metricName": "PacketsInDDoS" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-PacketsInDDosAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_publicip_vipavailability_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_publicip_vipavailability_alert.jsonc deleted file mode 100644 index 045c96b0..00000000 --- a/Definitions/policyDefinitions/Network/deploy_publicip_vipavailability_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_PublicIp_VIPAvailability_Alert", - "properties": { - "displayName": "Deploy PIP VIP Availability Alert", - "description": "Policy to audit/deploy PIP VIP Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "type" - }, - { - "equals": "Standard", - "field": "Microsoft.Network/publicIPAddresses/sku.name" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/publicIPAddresses", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "VipAvailability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/publicIPAddresses/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Public IP Address VIP Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "VipAvailability", - "metricNamespace": "Microsoft.Network/publicIPAddresses", - "criterionType": "StaticThresholdCriterion", - "metricName": "VipAvailability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-VIPAvailabityAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnet_ddosattack_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnet_ddosattack_alert.jsonc deleted file mode 100644 index 9c25f3f5..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnet_ddosattack_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VNET_DDoSAttack_Alert", - "properties": { - "displayName": "Deploy VNet DDoS Attack Alert", - "description": "Policy to audit/deploy Virtual Network DDoS Attack Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworks", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworks", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ifunderddosattack", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworks/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Maximum", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ifunderddosattack-threshold-Override_'), field('tags._amba-ifunderddosattack-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ifunderddosattack-threshold-Override_'), field('tags._amba-ifunderddosattack-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VNet DDOS Attack", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Maximum", - "operator": "GreaterThan", - "name": "ifunderddosattack", - "metricNamespace": "Microsoft.Network/virtualNetworks", - "criterionType": "StaticThresholdCriterion", - "metricName": "ifunderddosattack" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DDOSAttackAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_expressroutebitspersecond_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_expressroutebitspersecond_alert.jsonc deleted file mode 100644 index 65805aa1..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_expressroutebitspersecond_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_ExpressRouteBitsPerSecond_Alert", - "properties": { - "displayName": "Deploy VNetG ExpressRoute Bits Per Second Alert", - "description": "Policy to audit/deploy Virtual Network Gateway Express Route Bits Per Second Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "ExpressRoute", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ExpressRouteGatewayBitsPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), field('tags._amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), field('tags._amba-ExpressRouteGatewayBitsPerSecond-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VNet Gateway Express Route Bits Per Second", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "ExpressRouteGatewayBitsPerSecond", - "metricNamespace": "Microsoft.Network/virtualNetworkGateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "ExpressRouteGatewayBitsPerSecond" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-GatewayERBitsAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_expressroutecpuutil_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_expressroutecpuutil_alert.jsonc deleted file mode 100644 index bffe0b39..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_expressroutecpuutil_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_ExpressRouteCpuUtil_Alert", - "properties": { - "displayName": "Deploy VNetG ExpressRoute CPU Utilization Alert", - "description": "Policy to audit/deploy Virtual Network Gateway Express Route CPU Utilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.1", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "ExpressRoute", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ExpressRouteGatewayCpuUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), field('tags._amba-ExpressRouteGatewayCpuUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VNet Gateway Express Route CPU Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ExpressRouteGatewayCpuUtilization", - "metricNamespace": "Microsoft.Network/virtualNetworkGateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "ExpressRouteGatewayCpuUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-GatewayERCPUAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelbandwidth_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelbandwidth_alert.jsonc deleted file mode 100644 index abd105ec..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelbandwidth_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelBandwidth_Alert", - "properties": { - "displayName": "Deploy VNetG Tunnel Bandwidth Alert", - "description": "Policy to audit/deploy Virtual Network Gateway Tunnel Bandwidth Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelAverageBandwidth", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-TunnelAverageBandwidth-threshold-Override_'), field('tags._amba-TunnelAverageBandwidth-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VNet Gateway Tunnel Avg Bandwidth", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "TunnelAverageBandwidth", - "metricNamespace": "Microsoft.Network/virtualNetworkGateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "TunnelAverageBandwidth" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelBandwidthAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegress_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegress_alert.jsonc deleted file mode 100644 index 7f32d933..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegress_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelEgress_Alert", - "properties": { - "displayName": "Deploy VNetG Tunnel Egress Alert", - "description": "Policy to audit/deploy Virtual Network Gateway Tunnel Egress Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelEgressBytes", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-TunnelEgressBytes-threshold-Override_'), field('tags._amba-TunnelEgressBytes-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VNet Gateway Tunnel Egress Bytes", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "TunnelEgressBytes", - "metricNamespace": "Microsoft.Network/virtualNetworkGateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "TunnelEgressBytes" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelEgressAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegresspacketdropcount_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegresspacketdropcount_alert.jsonc deleted file mode 100644 index 92aea4fb..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegresspacketdropcount_alert.jsonc +++ /dev/null @@ -1,363 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelEgressPacketDropCount_Alert", - "properties": { - "displayName": "Deploy VNetG Egress Packet Drop Count Alert", - "description": "Policy to audit/deploy Vnet Gateway Egress Packet Drop Count Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelEgressPacketDropCount", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Vnet Gateway tunnel TunnelEgressPacketDropCount", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelEgressPacketDropCount", - "metricNamespace": "microsoft.network/virtualNetworkGateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelEgressPacketDropCount", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelEgressPacketDropCountAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegresspacketdropmismatch_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegresspacketdropmismatch_alert.jsonc deleted file mode 100644 index 777306ca..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelegresspacketdropmismatch_alert.jsonc +++ /dev/null @@ -1,363 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelEgressPacketDropMismatch_Alert", - "properties": { - "displayName": "Deploy VNetG Egress Packet Drop Mismatch Alert", - "description": "Policy to audit/deploy Vnet Gateway Egress Packet Drop Mismatch Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelEgressPacketDropTSMismatch", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Vnet Gateway tunnel TunnelEgressPacketDropTSMismatch", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelEgressPacketDropTSMismatch", - "metricNamespace": "microsoft.network/virtualNetworkGateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelEgressPacketDropTSMismatch", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelEgressPacketDropTSMismatchAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingress_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingress_alert.jsonc deleted file mode 100644 index 152106c7..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingress_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelIngress_Alert", - "properties": { - "displayName": "Deploy VNetG Tunnel Ingress Alert", - "description": "Policy to audit/deploy Virtual Network Gateway Tunnel Ingress Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelIngressBytes", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-TunnelIngressBytes-threshold-Override_'), field('tags._amba-TunnelIngressBytes-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VNet Gateway Tunnel ingress Bytes", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "TunnelIngressBytes", - "metricNamespace": "Microsoft.Network/virtualNetworkGateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "TunnelIngressBytes" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelIngressAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingresspacketdropcount_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingresspacketdropcount_alert.jsonc deleted file mode 100644 index ac24203f..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingresspacketdropcount_alert.jsonc +++ /dev/null @@ -1,363 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelIngressPacketDropCount_Alert", - "properties": { - "displayName": "Deploy VNetG Ingress Packet Drop Count Alert", - "description": "Policy to audit/deploy Vnet Gateway Ingress Packet Drop Count Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelIngressPacketDropCount", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Vnet Gateway tunnel TunnelIngressPacketDropCount", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelIngressPacketDropCount", - "metricNamespace": "microsoft.network/virtualNetworkGateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelIngressPacketDropCount", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelIngressPacketDropCountAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingresspacketdropmismatch_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingresspacketdropmismatch_alert.jsonc deleted file mode 100644 index 1c86882c..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vnetgw_tunnelingresspacketdropmismatch_alert.jsonc +++ /dev/null @@ -1,363 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VnetGw_TunnelIngressPacketDropMismatch_Alert", - "properties": { - "displayName": "Deploy VNetG Ingress Packet Drop Mismatch Alert", - "description": "Policy to audit/deploy Vnet Gateway Ingress Packet Drop Mismatch Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.4.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "type" - }, - { - "equals": "VPN", - "field": "Microsoft.Network/virtualNetworkGateways/gatewayType" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/virtualNetworkGateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelIngressPacketDropTSMismatch", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/virtualNetworkGateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Vnet Gateway tunnel TunnelIngressPacketDropTSMismatch", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelIngressPacketDropTSMismatch", - "metricNamespace": "microsoft.network/virtualNetworkGateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelIngressPacketDropTSMismatch", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelIngressPacketDropTSMismatchAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_bandwidthutil_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_bandwidthutil_alert.jsonc deleted file mode 100644 index 682325ed..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_bandwidthutil_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_BandwidthUtil_Alert", - "properties": { - "displayName": "Deploy VPNG Bandwidth Utilization Alert", - "description": "Policy to audit/deploy VPN Gateway Bandwidth Utilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "tunnelaveragebandwidth", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-tunnelaveragebandwidth-threshold-Override_'), field('tags._amba-tunnelaveragebandwidth-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-tunnelaveragebandwidth-threshold-Override_'), field('tags._amba-tunnelaveragebandwidth-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway Bandwidth Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "tunnelaveragebandwidth", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "tunnelaveragebandwidth" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-GatewayBandwidthAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_bgppeerstatus_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_bgppeerstatus_alert.jsonc deleted file mode 100644 index aef2ad28..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_bgppeerstatus_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_BGPPeerStatus_Alert", - "properties": { - "displayName": "Deploy VPNG BGP Peer Status Alert", - "description": "Policy to audit/deploy VPN Gateway BGP Peer Status Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "bgppeerstatus", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Total", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-bgppeerstatus-threshold-Override_'), field('tags._amba-bgppeerstatus-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-bgppeerstatus-threshold-Override_'), field('tags._amba-bgppeerstatus-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway BGP peer status", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Total", - "operator": "LessThan", - "name": "bgppeerstatus", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "bgppeerstatus" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-BGPPeerStatusAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_egress_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_egress_alert.jsonc deleted file mode 100644 index 41761c25..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_egress_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_Egress_Alert", - "properties": { - "displayName": "Deploy VPNG Egress Alert", - "description": "Policy to audit/deploy VPN Gateway Egress Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "tunnelegressbytes", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-tunnelegressbytes-threshold-Override_'), field('tags._amba-tunnelegressbytes-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-tunnelegressbytes-threshold-Override_'), field('tags._amba-tunnelegressbytes-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway tunnel egress bytes", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "tunnelegressbytes", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "tunnelegressbytes" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelEgressAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_ingress_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_ingress_alert.jsonc deleted file mode 100644 index e8b84953..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_ingress_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_Ingress_Alert", - "properties": { - "displayName": "Deploy VPNG Ingress Alert", - "description": "Policy to audit/deploy VPN Gateway Ingress Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "tunnelingressbytes", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-tunnelingressbytes-threshold-Override_'), field('tags._amba-tunnelingressbytes-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-tunnelingressbytes-threshold-Override_'), field('tags._amba-tunnelingressbytes-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway tunnel ingress bytes", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "tunnelingressbytes", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "tunnelingressbytes" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelIngressAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelegresspacketdropcount_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelegresspacketdropcount_alert.jsonc deleted file mode 100644 index fe832da0..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelegresspacketdropcount_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_TunnelEgressPacketDropCount_Alert", - "properties": { - "displayName": "Deploy VPNG Egress Packet Drop Count Alert", - "description": "Policy to audit/deploy VPN Gateway Egress Packet Drop Count Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelEgressPacketDropCount", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway tunnel TunnelEgressPacketDropCount", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelEgressPacketDropCount", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelEgressPacketDropCount", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelEgressPacketDropCountAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelegresspacketdropmismatch_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelegresspacketdropmismatch_alert.jsonc deleted file mode 100644 index 9cbe9ae3..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelegresspacketdropmismatch_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert", - "properties": { - "displayName": "Deploy VPNG Egress Packet Drop Mismatch Alert", - "description": "Policy to audit/deploy VPN Gateway Egress Packet Drop Mismatch Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelEgressPacketDropTSMismatch", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway tunnel TunnelEgressPacketDropTSMismatch", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelEgressPacketDropTSMismatch", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelEgressPacketDropTSMismatch", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelEgressPacketDropTSMismatchAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelingresspacketdropcount_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelingresspacketdropcount_alert.jsonc deleted file mode 100644 index 22db4e27..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelingresspacketdropcount_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_TunnelIngressPacketDropCount_Alert", - "properties": { - "displayName": "Deploy VPNG Ingress Packet Drop Count Alert", - "description": "Policy to audit/deploy VPN Gateway Ingress Packet Drop Count Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelIngressPacketDropCount", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway tunnel TunnelIngressPacketDropCount", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelIngressPacketDropCount", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelIngressPacketDropCount", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelIngressPacketDropCountAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelingresspacketdropmismatch_alert.jsonc b/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelingresspacketdropmismatch_alert.jsonc deleted file mode 100644 index 67166b74..00000000 --- a/Definitions/policyDefinitions/Network/deploy_vpngw_tunnelingresspacketdropmismatch_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_VPNGw_TunnelIngressPacketDropMismatch_Alert", - "properties": { - "displayName": "Deploy VPNG Ingress Packet Drop Mismatch Alert", - "description": "Policy to audit/deploy VPN Gateway Ingress Packet Drop Mismatch Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Network", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "4", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "4", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "microsoft.network/vpngateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TunnelIngressPacketDropTSMismatch", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/microsoft.network/vpngateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for VPN Gateway tunnel TunnelIngressPacketDropTSMismatch", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TunnelIngressPacketDropTSMismatch", - "metricNamespace": "microsoft.network/vpngateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "TunnelIngressPacketDropTSMismatch", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-TunnelIngressPacketDropTSMismatchAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Networking/deploy_erp_expressroutrxlightlevel_alert.jsonc b/Definitions/policyDefinitions/Networking/deploy_erp_expressroutrxlightlevel_alert.jsonc deleted file mode 100644 index 075df8cc..00000000 --- a/Definitions/policyDefinitions/Networking/deploy_erp_expressroutrxlightlevel_alert.jsonc +++ /dev/null @@ -1,331 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRoutRxLightLevel_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute RxLightLevel High Alert", - "description": "Policy to audit/deploy ER Direct RxLightLevel High Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "category": "Networking", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "RxLightLevel", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-RxLightLevel-High-threshold-Override_'), field('tags._amba-RxLightLevel-High-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-RxLightLevel-High-threshold-Override_'), field('tags._amba-RxLightLevel-High-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection RxLightLevelHigh", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "RxLightLevel", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "RxLightLevel" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERRxLightLevelHighAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Networking/deploy_fd_backendhealth_alert.jsonc b/Definitions/policyDefinitions/Networking/deploy_fd_backendhealth_alert.jsonc deleted file mode 100644 index 3f604611..00000000 --- a/Definitions/policyDefinitions/Networking/deploy_fd_backendhealth_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_FD_BackendHealth_Alert", - "properties": { - "displayName": "Deploy Frontdoor Backend Health Percentage Alert", - "description": "Policy to audit/deploy FrontDoor Backend Health Percentage Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.1.1", - "category": "Networking", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/frontdoors", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/frontdoors", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "BackendHealthPercentage", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-BackendHealthPercentage-threshold-Override_'), field('tags._amba-BackendHealthPercentage-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-BackendHealthPercentage-threshold-Override_'), field('tags._amba-BackendHealthPercentage-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Frontdoor Backend Health Percentage", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "BackendHealthPercentage", - "metricNamespace": "Microsoft.Network/frontdoors", - "criterionType": "StaticThresholdCriterion", - "metricName": "BackendHealthPercentage" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-BackendHealthPercentage')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Networking/deploy_fd_backendrequestlatency_alert.jsonc b/Definitions/policyDefinitions/Networking/deploy_fd_backendrequestlatency_alert.jsonc deleted file mode 100644 index dad282ea..00000000 --- a/Definitions/policyDefinitions/Networking/deploy_fd_backendrequestlatency_alert.jsonc +++ /dev/null @@ -1,325 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_FD_BackendRequestLatency_Alert", - "properties": { - "displayName": "Deploy Frontdoor Backend Request Latency Alert", - "description": "Policy to audit/deploy Frontdoor Backend Request Latency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Networking", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/frontdoors", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/frontdoors", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "BackendRequestLatency", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/frontdoors/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": 2, - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": 2, - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Frontdoor BackendRequestLatency", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": 2, - "minFailingPeriodsToAlert": 2 - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiResult", - "metricNamespace": "Microsoft.Network/frontdoors", - "criterionType": "DynamicThresholdCriterion", - "metricName": "BackendRequestLatency", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-BackendRequestLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_originlatency_alert.jsonc b/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_originlatency_alert.jsonc deleted file mode 100644 index 37350fd0..00000000 --- a/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_originlatency_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_FrontDoorCDN_OriginLatency_Alert", - "properties": { - "displayName": "Deploy FrontDoor CDN Profile Origin Latency Alert", - "description": "Policy to audit/deploy FrontDoor CDN Profile Origin Latency Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Networking", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "OriginLatency", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Frontdoor CDN Origin Latency", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiResult", - "metricNamespace": "Microsoft.Cdn/profiles", - "criterionType": "DynamicThresholdCriterion", - "metricName": "OriginLatency", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-OriginLatencyAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_percentage4xx_alert.jsonc b/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_percentage4xx_alert.jsonc deleted file mode 100644 index f51215bd..00000000 --- a/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_percentage4xx_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_FrontDoorCDN_Percentage4XX_Alert", - "properties": { - "displayName": "Deploy FrontDoor CDN Profile Percentage4XX Alert", - "description": "Policy to audit/deploy FrontDoor CDN Profile Percentage4XX Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Networking", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "Percentage4XX", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Frontdoor CDN Origin Latency", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiResult", - "metricNamespace": "Microsoft.Cdn/profiles", - "criterionType": "DynamicThresholdCriterion", - "metricName": "Percentage4XX", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-Percentage4XXAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_percentage5xx_alert.jsonc b/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_percentage5xx_alert.jsonc deleted file mode 100644 index a8441f38..00000000 --- a/Definitions/policyDefinitions/Networking/deploy_frontdoorcdn_percentage5xx_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_FrontDoorCDN_Percentage5XX_Alert", - "properties": { - "displayName": "Deploy FrontDoor CDN Profile Percentage5XX Alert", - "description": "Policy to audit/deploy FrontDoor CDN Profile Percentage5XX Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Networking", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "Percentage5XX", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Frontdoor CDN Origin Latency", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiResult", - "metricNamespace": "Microsoft.Cdn/profiles", - "criterionType": "DynamicThresholdCriterion", - "metricName": "Percentage5XX", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-Percentage5XXAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Site Recovery/deploy_recoveryvault_asrhealthmonitor_alert.jsonc b/Definitions/policyDefinitions/Site Recovery/deploy_recoveryvault_asrhealthmonitor_alert.jsonc deleted file mode 100644 index 23509ef8..00000000 --- a/Definitions/policyDefinitions/Site Recovery/deploy_recoveryvault_asrhealthmonitor_alert.jsonc +++ /dev/null @@ -1,106 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_RecoveryVault_ASRHealthMonitor_Alert", - "properties": { - "displayName": "Deploy RV ASR Health Monitoring Alerts", - "description": "Policy to audit/update Recovery Vault ASR Health Alerting to Azure monitor alerts", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Site Recovery", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.RecoveryServices/Vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - }, - { - "anyOf": [ - { - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllReplicationIssues", - "notEquals": "Enabled" - }, - { - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllFailoverIssues", - "notEquals": "Enabled" - } - ] - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "conflictEffect": "audit", - "operations": [ - { - "value": "Disabled", - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.classicAlertSettings.emailNotificationsForSiteRecovery", - "operation": "addOrReplace" - }, - { - "value": "Enabled", - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllReplicationIssues", - "operation": "addOrReplace" - }, - { - "value": "Enabled", - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllFailoverIssues", - "operation": "addOrReplace" - } - ] - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Site Recovery/deploy_recoveryvault_backuphealthmonitor_alert.jsonc b/Definitions/policyDefinitions/Site Recovery/deploy_recoveryvault_backuphealthmonitor_alert.jsonc deleted file mode 100644 index d217f5e5..00000000 --- a/Definitions/policyDefinitions/Site Recovery/deploy_recoveryvault_backuphealthmonitor_alert.jsonc +++ /dev/null @@ -1,93 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_RecoveryVault_BackupHealthMonitor_Alert", - "properties": { - "displayName": "Deploy RV Backup Health Monitoring Alerts", - "description": "Policy to audit/update Recovery Vault Backup Health Alerting to Azure monitor alerts", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Site Recovery", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.RecoveryServices/Vaults", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - }, - { - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures", - "notEquals": "Enabled" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "conflictEffect": "audit", - "operations": [ - { - "value": "Disabled", - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.classicAlertSettings.alertsForCriticalOperations", - "operation": "addOrReplace" - }, - { - "value": "Enabled", - "field": "Microsoft.RecoveryServices/vaults/monitoringSettings.azureMonitorAlertSettings.alertsForAllJobFailures", - "operation": "addOrReplace" - } - ] - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Storage/deploy_storageaccount_availability_alert.jsonc b/Definitions/policyDefinitions/Storage/deploy_storageaccount_availability_alert.jsonc deleted file mode 100644 index 3629cd1a..00000000 --- a/Definitions/policyDefinitions/Storage/deploy_storageaccount_availability_alert.jsonc +++ /dev/null @@ -1,330 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_StorageAccount_Availability_Alert", - "properties": { - "displayName": "Deploy SA Availability Alert", - "description": "Policy to audit/deploy SA Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.2.0", - "category": "Storage", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name to disable monitoring resource. Set to true if monitoring should be disabled", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Storage/storageAccounts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Storage/storageAccounts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "Availability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Storage/storageAccounts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-Availability-threshold-Override_'), field('tags._amba-Availability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Storage Account Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "Availability", - "metricNamespace": "Microsoft.Storage/storageAccounts", - "criterionType": "StaticThresholdCriterion", - "metricName": "Availability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-AvailabilityAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_applicationgatewaytotaltime_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_applicationgatewaytotaltime_alert.jsonc deleted file mode 100644 index 7d2ad989..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_applicationgatewaytotaltime_alert.jsonc +++ /dev/null @@ -1,385 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_ApplicationGatewayTotalTime_Alert", - "properties": { - "displayName": "Deploy AGW ApplicationGatewayTotalTime Alert", - "description": "Policy to audit/deploy Azure Application Gateway ApplicationGatewayTotalTime Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.4.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "alertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "description": "Alert Sensitivity for the alert", - "displayName": "Alert Sensitivity" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "Microsoft.Network/applicationgateways/sku.name", - "In": [ - "Standard_v2", - "WAF_v2" - ] - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ApplicationGatewayTotalTime", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "[parameters('alertSensitivity')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - }, - "alertSensitivity": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway ApplicationGatewayTotalTime", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ApplicationGatewayTotalTime", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "ApplicationGatewayTotalTime", - "alertSensitivity": "[parameters('alertSensitivity')]" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agApplicationGatewayTotalTime')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_backendlastbyteresponsetime_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_backendlastbyteresponsetime_alert.jsonc deleted file mode 100644 index 8eb1211b..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_backendlastbyteresponsetime_alert.jsonc +++ /dev/null @@ -1,385 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_BackendLastByteResponseTime_Alert", - "properties": { - "displayName": "Deploy AGW BackendLastByteResponseTime Alert", - "description": "Policy to audit/deploy Azure Application Gateway BackendLastByteResponseTime Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.4.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "alertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "description": "Alert Sensitivity for the alert", - "displayName": "Alert Sensitivity" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "Microsoft.Network/applicationgateways/sku.name", - "In": [ - "Standard_v2", - "WAF_v2" - ] - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "BackendLastByteResponseTime", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "[parameters('alertSensitivity')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - }, - "alertSensitivity": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway BackendLastByteResponseTime", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "BackendLastByteResponseTime", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "BackendLastByteResponseTime", - "alertSensitivity": "[parameters('alertSensitivity')]" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agBackendLastByteResponseTime')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_capacityunits_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_capacityunits_alert.jsonc deleted file mode 100644 index ea896ef7..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_capacityunits_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_CapacityUnits_Alert", - "properties": { - "displayName": "Deploy AGW Capacity Units Alert", - "description": "Policy to audit/deploy Azure Application Gateway CapacityUnits Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "75", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "Microsoft.Network/applicationgateways/sku.name", - "In": [ - "Standard_v2", - "WAF_v2" - ] - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "CapacityUnits", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-CapacityUnits-threshold-Override_'), field('tags._amba-CapacityUnits-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-CapacityUnits-threshold-Override_'), field('tags._amba-CapacityUnits-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway Capacity Units", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "CapacityUnits", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "CapacityUnits" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agCapacityUnits')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_computeunits_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_computeunits_alert.jsonc deleted file mode 100644 index b3340c2a..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_computeunits_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_ComputeUnits_Alert", - "properties": { - "displayName": "Deploy AGW Compute Units Alert", - "description": "Policy to audit/deploy Azure Application Gateway ComputeUnits Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "75", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "Microsoft.Network/applicationgateways/sku.name", - "In": [ - "Standard_v2", - "WAF_v2" - ] - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ComputeUnits", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-ComputeUnits-threshold-Override_'), field('tags._amba-ComputeUnits-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-ComputeUnits-threshold-Override_'), field('tags._amba-ComputeUnits-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway Compute Units", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ComputeUnits", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "ComputeUnits" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agComputeUnits')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_cpuutilization_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_cpuutilization_alert.jsonc deleted file mode 100644 index 342ca0dd..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_cpuutilization_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_CPUUtilization_Alert", - "properties": { - "displayName": "Deploy AGW CPU Utilization Alert", - "description": "Policy to audit/deploy Azure Application Gateway CPU Utilization Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "80", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "Microsoft.Network/applicationgateways/sku.name", - "notIn": [ - "Standard_v2", - "WAF_v2" - ] - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "CpuUtilization", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-CpuUtilization-threshold-Override_'), field('tags._amba-CpuUtilization-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-CpuUtilization-threshold-Override_'), field('tags._amba-CpuUtilization-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway CPU Utilization", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "CpuUtilization", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "CpuUtilization" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agCpuUtilization')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_failedrequests_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_failedrequests_alert.jsonc deleted file mode 100644 index d7e8716f..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_failedrequests_alert.jsonc +++ /dev/null @@ -1,378 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_FailedRequests_Alert", - "properties": { - "displayName": "Deploy AGW FailedRequests Alert", - "description": "Policy to audit/deploy Azure Application Gateway FailedRequests Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.3.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "alertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "description": "Alert Sensitivity for the alert", - "displayName": "Alert Sensitivity" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "FailedRequests", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Total", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "[parameters('alertSensitivity')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - }, - "alertSensitivity": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway FailedRequests", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Total", - "operator": "GreaterThan", - "name": "FailedRequests", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "FailedRequests", - "alertSensitivity": "[parameters('alertSensitivity')]" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agFailedRequests')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_responsestatus_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_responsestatus_alert.jsonc deleted file mode 100644 index 6591f83c..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_responsestatus_alert.jsonc +++ /dev/null @@ -1,388 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_ResponseStatus_Alert", - "properties": { - "displayName": "Deploy AGW ResponseStatus Alert", - "description": "Policy to audit/deploy Azure Application Gateway ResponseStatus Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.3.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - }, - "alertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "description": "Alert Sensitivity for the alert", - "displayName": "Alert Sensitivity" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ResponseStatus", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Total", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "[parameters('alertSensitivity')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - }, - "alertSensitivity": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway ResponseStatus", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('alertSensitivity')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Total", - "operator": "GreaterThan", - "name": "ResponseStatus", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "DynamicThresholdCriterion", - "metricName": "ResponseStatus", - "alertSensitivity": "[parameters('alertSensitivity')]", - "dimensions": [ - { - "operator": "Include", - "name": "HttpStatusGroup", - "values": [ - "4xx", - "5xx" - ] - } - ] - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agResponseStatus')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_ag_unhealthyhostcount_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_ag_unhealthyhostcount_alert.jsonc deleted file mode 100644 index c360e801..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_ag_unhealthyhostcount_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_AG_UnhealthyHostCount_Alert", - "properties": { - "displayName": "Deploy AGW Unhealthy Host Count Alert", - "description": "Policy to audit/deploy Azure Application Gateway Unhealthy Host Count Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "20", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/applicationgateways", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "UnhealthyHostCount", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/applicationgateways/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-UnhealthyHostCount-threshold-Override_'), field('tags._amba-UnhealthyHostCount-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-UnhealthyHostCount-threshold-Override_'), field('tags._amba-UnhealthyHostCount-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Gateway Unhealthy Host Count", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "CpuUtilization", - "metricNamespace": "Microsoft.Network/applicationgateways", - "criterionType": "StaticThresholdCriterion", - "metricName": "UnhealthyHostCount" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-agUnhealthyHostCount')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_alb_datapathavailability_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_alb_datapathavailability_alert.jsonc deleted file mode 100644 index b33358e7..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_alb_datapathavailability_alert.jsonc +++ /dev/null @@ -1,334 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ALB_DataPathAvailability_Alert", - "properties": { - "displayName": "Deploy ALB Data Path Availability Alert", - "description": "Policy to audit/deploy Azure Load Balancer Data Path Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "type" - }, - { - "field": "Microsoft.Network/loadBalancers/sku.name", - "in": [ - "Standard", - "Gateway" - ] - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "VipAvailability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-VipAvailability-threshold-Override_'), field('tags._amba-VipAvailability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ALB Data Path Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "VipAvailability", - "metricNamespace": "Microsoft.Network/loadBalancers", - "criterionType": "StaticThresholdCriterion", - "metricName": "VipAvailability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-ALBDataPathAvailability')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_alb_globalbackendavailability_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_alb_globalbackendavailability_alert.jsonc deleted file mode 100644 index 33187939..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_alb_globalbackendavailability_alert.jsonc +++ /dev/null @@ -1,331 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ALB_GlobalBackendAvailability_Alert", - "properties": { - "displayName": "Deploy ALB Global Backend Availability Alert", - "description": "Policy to audit/deploy Azure Load Balancer Global Backend Availability Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "type" - }, - { - "equals": "Global", - "field": "Microsoft.Network/loadBalancers/sku.tier" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "GlobalBackendAvailability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-GlobalBackendAvailability-threshold-Override_'), field('tags._amba-GlobalBackendAvailability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-GlobalBackendAvailability-threshold-Override_'), field('tags._amba-GlobalBackendAvailability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Global Backend Availability", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "GlobalBackendAvailability", - "metricNamespace": "Microsoft.Network/loadBalancers", - "criterionType": "StaticThresholdCriterion", - "metricName": "GlobalBackendAvailability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-ALBGlobalBackendAvailability')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_alb_healthprobestatus_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_alb_healthprobestatus_alert.jsonc deleted file mode 100644 index 0e331b23..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_alb_healthprobestatus_alert.jsonc +++ /dev/null @@ -1,338 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ALB_HealthProbeStatus_Alert", - "properties": { - "displayName": "Deploy ALB Health Probe Status Alert", - "description": "Policy to audit/deploy Azure Load Balancer Health Probe Status Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "type" - }, - { - "field": "Microsoft.Network/loadBalancers/sku.name", - "in": [ - "Standard", - "Gateway" - ] - }, - { - "equals": "Regional", - "field": "Microsoft.Network/loadBalancers/sku.tier" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "DipAvailability", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-DipAvailability-threshold-Override_'), field('tags._amba-DipAvailability-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-DipAvailability-threshold-Override_'), field('tags._amba-DipAvailability-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ALB Health Probe Status", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "DipAvailability", - "metricNamespace": "Microsoft.Network/loadBalancers", - "criterionType": "StaticThresholdCriterion", - "metricName": "DipAvailability" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-ALBHealthProbeStatus')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_alb_usedsnatports_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_alb_usedsnatports_alert.jsonc deleted file mode 100644 index 194d036d..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_alb_usedsnatports_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ALB_UsedSNATPorts_Alert", - "properties": { - "displayName": "Deploy ALB Used SNAT Ports Alert", - "description": "Policy to audit/deploy Azure Load Balancer Used SNAT Ports Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "900", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/loadBalancers", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "UsedSNATPorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/loadBalancers/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-UsedSNATPorts-threshold-Override_'), field('tags._amba-UsedSNATPorts-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-UsedSNATPorts-threshold-Override_'), field('tags._amba-UsedSNATPorts-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ALB Used SNAT Ports", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "UsedSNATPorts", - "metricNamespace": "Microsoft.Network/loadBalancers", - "criterionType": "StaticThresholdCriterion", - "metricName": "UsedSNATPorts" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-ALBUsedSNATPorts')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutebitsin_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutebitsin_alert.jsonc deleted file mode 100644 index 52fcc9ec..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutebitsin_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRouteBitsIn_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute Bits In Alert", - "description": "Policy to audit/deploy ER Direct Connection BitsInPerSecond Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "PortBitsInPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-PortBitsInPerSecond-threshold-Override_'), field('tags._amba-PortBitsInPerSecond-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-PortBitsInPerSecond-threshold-Override_'), field('tags._amba-PortBitsInPerSecond-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection BitsInPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "PortBitsInPerSecond", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "PortBitsInPerSecond" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERBitsInAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutebitsout_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutebitsout_alert.jsonc deleted file mode 100644 index 4ebd7176..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutebitsout_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRouteBitsOut_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute Bits Out Alert", - "description": "Policy to audit/deploy ER Direct Connection BitsOutPerSecond Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "1", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "PortBitsOutPerSecond", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-PortBitsOutPerSecond-threshold-Override_'), field('tags._amba-PortBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-PortBitsOutPerSecond-threshold-Override_'), field('tags._amba-PortBitsOutPerSecond-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection BitsOutPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "PortBitsOutPerSecond", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "PortBitsOutPerSecond" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERBitsOutAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutlineprotocol_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutlineprotocol_alert.jsonc deleted file mode 100644 index 3283d1b6..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutlineprotocol_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRoutLineProtocol_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute LineProtocol Alert", - "description": "Policy to audit/deploy ER Direct LineProtocol Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0.9", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "LineProtocol", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-LineProtocol-threshold-Override_'), field('tags._amba-LineProtocol-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-LineProtocol-threshold-Override_'), field('tags._amba-LineProtocol-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection LineProtocolPerSecond", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "LineProtocol", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "LineProtocol" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERLineProtocolAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutrxlightlevellow_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutrxlightlevellow_alert.jsonc deleted file mode 100644 index d2a21111..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressroutrxlightlevellow_alert.jsonc +++ /dev/null @@ -1,331 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRoutRxLightLevellow_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute RxLightLevel Low Alert", - "description": "Policy to audit/deploy ER Direct RxLightLevel Low Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "-10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "RxLightLevel", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-RxLightLevel-Low-threshold-Override_'), field('tags._amba-RxLightLevel-Low-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-RxLightLevel-Low-threshold-Override_'), field('tags._amba-RxLightLevel-Low-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection RxLightLevelLow", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "RxLightLevel", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "RxLightLevel" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERRxLightLevelLowAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressrouttxlightlevell_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressrouttxlightlevell_alert.jsonc deleted file mode 100644 index 67b0be8c..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressrouttxlightlevell_alert.jsonc +++ /dev/null @@ -1,331 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRoutTxLightLevell_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute TxLightLevel High Alert", - "description": "Policy to audit/deploy ER Direct TxLightLevel High Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TxLightLevel", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-TxLightLevel-High-threshold-Override_'), field('tags._amba-TxLightLevel-High-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-TxLightLevel-High-threshold-Override_'), field('tags._amba-TxLightLevel-High-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection TxLightLevelHigh", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "TxLightLevel", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "TxLightLevel" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERTxLightLevelHighAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressrouttxlightlevellow_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressrouttxlightlevellow_alert.jsonc deleted file mode 100644 index b2c1fbdb..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_erp_expressrouttxlightlevellow_alert.jsonc +++ /dev/null @@ -1,331 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_ERP_ExpressRoutTxLightLevellow_Alert", - "properties": { - "displayName": "Deploy ER Direct ExpressRoute TxLightLevel Low Alert", - "description": "Policy to audit/deploy ER Direct TxLightLevel Low Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "-10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/expressRoutePorts", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "TxLightLevel", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/expressRoutePorts/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-TxLightLevel-Low-threshold-Override_'), field('tags._amba-TxLightLevel-Low-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-TxLightLevel-Low-threshold-Override_'), field('tags._amba-TxLightLevel-Low-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for ER Direct Connection TxLightLevelLow", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "TxLightLevel", - "metricNamespace": "Microsoft.Network/expressRoutePorts", - "criterionType": "StaticThresholdCriterion", - "metricName": "TxLightLevel" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DirectERTxLightLevelLowAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_frontdoorcdn_originhealthpercentage_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_frontdoorcdn_originhealthpercentage_alert.jsonc deleted file mode 100644 index 9e1a6138..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_frontdoorcdn_originhealthpercentage_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_FrontDoorCDN_OriginHealthPercentage_Alert", - "properties": { - "displayName": "Deploy FrontDoor CDN Profile Origin Health Percentage Alert", - "description": "Policy to audit/deploy FrontDoor Origin Health Percentage Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.1", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Cdn/profiles", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "OriginHealthPercentage", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Cdn/profiles/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-OriginHealthPercentage-threshold-Override_'), field('tags._amba-OriginHealthPercentage-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-OriginHealthPercentage-threshold-Override_'), field('tags._amba-OriginHealthPercentage-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Frontdoor Origin Health Percentage", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "OriginHealthPercentage", - "metricNamespace": "Microsoft.Cdn/profiles", - "criterionType": "StaticThresholdCriterion", - "metricName": "OriginHealthPercentage" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-OriginHealthPercentage')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_tm_endpointhealth_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_tm_endpointhealth_alert.jsonc deleted file mode 100644 index 61e29034..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_tm_endpointhealth_alert.jsonc +++ /dev/null @@ -1,336 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_TM_EndpointHealth_Alert", - "properties": { - "displayName": "Deploy Traffic Manager Endpoint Health Alert", - "description": "Policy to audit/deploy FTraffic Manager Endpoint Health Health Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Networking" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "0.9", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Network/trafficmanagerprofiles", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Network/trafficmanagerprofiles", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "ProbeAgentCurrentEndpointStateByProfileResourceId", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Network/trafficmanagerprofiles/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "LessThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-EndpointHealth-threshold-Override_'), field('tags._amba-EndpointHealth-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-EndpointHealth-threshold-Override_'), field('tags._amba-EndpointHealth-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for Traffic Manager Endpoint Health", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "operator": "LessThan", - "name": "EndpointHealth", - "metricNamespace": "Microsoft.Network/trafficmanagerprofiles", - "criterionType": "StaticThresholdCriterion", - "metricName": "ProbeAgentCurrentEndpointStateByProfileResourceId", - "dimensions": [ - { - "operator": "Include", - "name": "EndpointName", - "values": [ - "*" - ] - } - ] - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-EndpointHealthAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_wsf_cpupercentage_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_wsf_cpupercentage_alert.jsonc deleted file mode 100644 index 8e4a3cdc..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_wsf_cpupercentage_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_WSF_CPUPercentage_Alert", - "properties": { - "displayName": "Deploy App Service Plan CPU Percentage Alert", - "description": "Policy to audit/deploy App Service Plan CPU Percentage Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Web Services" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "CpuPercentage", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-CpuPercentage-threshold-Override_'), field('tags._amba-CpuPercentage-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "mode": "incremental", - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "variables": {}, - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Service Plan CPU Percentage", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "autoMitigate": "[parameters('autoMitigate')]", - "windowSize": "[parameters('windowSize')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "severity": "[parameters('severity')]", - "enabled": "[parameters('enabled')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "metricNamespace": "Microsoft.Web/serverfarms", - "criterionType": "StaticThresholdCriterion", - "name": "CpuPercentage", - "metricName": "CpuPercentage", - "operator": "GreaterThan" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "name": "[concat(parameters('resourceName'), '-CpuPercentage')]", - "location": "global", - "tags": { - "_deployed_by_amba": true - } - } - ], - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - } - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Unknown Category/deploy_wsf_memorypercentage_alert.jsonc b/Definitions/policyDefinitions/Unknown Category/deploy_wsf_memorypercentage_alert.jsonc deleted file mode 100644 index 0a20b009..00000000 --- a/Definitions/policyDefinitions/Unknown Category/deploy_wsf_memorypercentage_alert.jsonc +++ /dev/null @@ -1,327 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_WSF_MemoryPercentage_Alert", - "properties": { - "displayName": "Deploy App Service Plan Memory Percentage Alert", - "description": "Policy to audit/deploy App Service Plan Memory Percentage Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.2.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "Category": "Web Services" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "threshold": { - "defaultValue": "85", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Threshold" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "MemoryPercentage", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-SingleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.operator" - }, - { - "equals": "[if(contains(field('tags'), '_amba-MemoryPercentage-threshold-Override_'), field('tags._amba-MemoryPercentage-threshold-Override_'), parameters('threshold'))]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].StaticThresholdCriterion.threshold" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "threshold": { - "value": "[if(contains(field('tags'), '_amba-MemoryPercentage-threshold-Override_'), field('tags._amba-MemoryPercentage-threshold-Override_'), parameters('threshold'))]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "mode": "incremental", - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "threshold": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "variables": {}, - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Service Plan Memory Percentage", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "autoMitigate": "[parameters('autoMitigate')]", - "windowSize": "[parameters('windowSize')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "threshold": { - "value": "[parameters('threshold')]" - } - }, - "severity": "[parameters('severity')]", - "enabled": "[parameters('enabled')]", - "criteria": { - "allOf": [ - { - "threshold": "[parameters('threshold')]", - "timeAggregation": "Average", - "metricNamespace": "Microsoft.Web/serverfarms", - "criterionType": "StaticThresholdCriterion", - "name": "MemoryPercentage", - "metricName": "MemoryPercentage", - "operator": "GreaterThan" - } - ], - "odata.type": "Microsoft.Azure.Monitor.SingleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "name": "[concat(parameters('resourceName'), '-MemoryPercentage')]", - "location": "global", - "tags": { - "_deployed_by_amba": true - } - } - ], - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - } - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Web Services/deploy_wsf_diskqueuelength_alert.jsonc b/Definitions/policyDefinitions/Web Services/deploy_wsf_diskqueuelength_alert.jsonc deleted file mode 100644 index ee202efe..00000000 --- a/Definitions/policyDefinitions/Web Services/deploy_wsf_diskqueuelength_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_WSF_DiskQueueLength_Alert", - "properties": { - "displayName": "Deploy App Service Plan Disk Queue Length Alert", - "description": "Policy to audit/deploy App Service Plan Disk Queue Length Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Web Services", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "DiskQueueLength", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - }, - "resourceName": { - "value": "[field('name')]" - } - }, - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Service Plan Disk Queue Length", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "windowSize": "[parameters('windowSize')]", - "autoMitigate": "[parameters('autoMitigate')]", - "enabled": "[parameters('enabled')]", - "severity": "[parameters('severity')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]", - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]" - }, - "timeAggregation": "Average", - "operator": "GreaterThan", - "name": "ServiceApiResult", - "metricNamespace": "Microsoft.Web/serverfarms", - "criterionType": "DynamicThresholdCriterion", - "metricName": "DiskQueueLength", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "location": "global", - "name": "[concat(parameters('resourceName'), '-DiskQueueLengthAlert')]", - "tags": { - "_deployed_by_amba": true - } - } - ], - "variables": {}, - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - }, - "mode": "incremental" - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policyDefinitions/Web Services/deploy_wsf_httpqueuelength_alert.jsonc b/Definitions/policyDefinitions/Web Services/deploy_wsf_httpqueuelength_alert.jsonc deleted file mode 100644 index 6412ce16..00000000 --- a/Definitions/policyDefinitions/Web Services/deploy_wsf_httpqueuelength_alert.jsonc +++ /dev/null @@ -1,359 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-definition-schema.json", - "name": "Deploy_WSF_HttpQueueLength_Alert", - "properties": { - "displayName": "Deploy App Service Plan Http Queue Length Alert", - "description": "Policy to audit/deploy App Service Plan Http Queue Length Alert", - "mode": "All", - "metadata": { - "_deployed_by_amba": "True", - "version": "1.3.0", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "alzCloudEnvironments": [ - "AzureCloud" - ], - "category": "Web Services" - }, - "parameters": { - "evaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Evaluation Frequency" - }, - "type": "String" - }, - "autoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Auto Mitigate" - }, - "type": "String" - }, - "windowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Window Size" - }, - "type": "String" - }, - "severity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the Alert", - "displayName": "Severity" - }, - "type": "String" - }, - "enabled": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Alert State" - }, - "type": "String" - }, - "failingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "Failing Periods" - }, - "type": "String" - }, - "evaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "Evaluation Periods" - }, - "type": "String" - }, - "MonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "MonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "effect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Effect of the policy", - "displayName": "Effect" - }, - "type": "String" - } - }, - "policyRule": { - "if": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "type" - }, - { - "field": "[concat('tags[', parameters('MonitorDisableTagName'), ']')]", - "notIn": "[parameters('MonitorDisableTagValues')]" - } - ] - }, - "then": { - "effect": "[parameters('effect')]", - "details": { - "type": "Microsoft.Insights/metricAlerts", - "existenceCondition": { - "allOf": [ - { - "equals": "Microsoft.Web/serverfarms", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricNamespace" - }, - { - "equals": "HttpQueueLength", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria.allOf[*].metricName" - }, - { - "equals": "[concat(subscription().id, '/resourceGroups/', resourceGroup().name, '/providers/Microsoft.Web/serverfarms/', field('fullName'))]", - "field": "Microsoft.Insights/metricalerts/scopes[*]" - }, - { - "equals": "[parameters('enabled')]", - "field": "Microsoft.Insights/metricAlerts/enabled" - }, - { - "equals": "[parameters('evaluationFrequency')]", - "field": "Microsoft.Insights/metricAlerts/evaluationFrequency" - }, - { - "equals": "[parameters('windowSize')]", - "field": "Microsoft.Insights/metricAlerts/windowSize" - }, - { - "equals": "[parameters('severity')]", - "field": "Microsoft.Insights/metricalerts/severity" - }, - { - "equals": "[parameters('autoMitigate')]", - "field": "Microsoft.Insights/metricAlerts/autoMitigate" - }, - { - "equals": "Average", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].timeAggregation" - }, - { - "equals": "GreaterThan", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.operator" - }, - { - "equals": "Medium", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.alertSensitivity" - }, - { - "equals": "[parameters('failingPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.minFailingPeriodsToAlert" - }, - { - "equals": "[parameters('evaluationPeriods')]", - "field": "Microsoft.Insights/metricAlerts/criteria.Microsoft-Azure-Monitor-MultipleResourceMultipleMetricCriteria.allOf[*].DynamicThresholdCriterion.failingPeriods.numberOfEvaluationPeriods" - } - ] - }, - "roleDefinitionIds": [ - "/providers/Microsoft.Authorization/roleDefinitions/b24988ac-6180-42a0-ab88-20f7382dd24c" - ], - "deployment": { - "properties": { - "parameters": { - "resourceId": { - "value": "[field('id')]" - }, - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "resourceName": { - "value": "[field('name')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "mode": "incremental", - "template": { - "parameters": { - "resourceId": { - "metadata": { - "description": "Resource ID of the resource emitting the metric that will be used for the comparison", - "displayName": "resourceId" - }, - "type": "String" - }, - "evaluationFrequency": { - "type": "String" - }, - "autoMitigate": { - "type": "String" - }, - "windowSize": { - "type": "String" - }, - "severity": { - "type": "String" - }, - "enabled": { - "type": "String" - }, - "resourceName": { - "metadata": { - "description": "Name of the resource", - "displayName": "resourceName" - }, - "type": "String" - }, - "failingPeriods": { - "type": "String" - }, - "evaluationPeriods": { - "type": "String" - } - }, - "contentVersion": "1.0.0.0", - "variables": {}, - "resources": [ - { - "type": "Microsoft.Insights/metricAlerts", - "properties": { - "description": "Metric Alert for App Service Plan Http Queue Length", - "evaluationFrequency": "[parameters('evaluationFrequency')]", - "autoMitigate": "[parameters('autoMitigate')]", - "windowSize": "[parameters('windowSize')]", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('evaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('autoMitigate')]" - }, - "windowSize": { - "value": "[parameters('windowSize')]" - }, - "severity": { - "value": "[parameters('severity')]" - }, - "enabled": { - "value": "[parameters('enabled')]" - }, - "failingPeriods": { - "value": "[parameters('failingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('evaluationPeriods')]" - } - }, - "severity": "[parameters('severity')]", - "enabled": "[parameters('enabled')]", - "criteria": { - "allOf": [ - { - "failingPeriods": { - "minFailingPeriodsToAlert": "[parameters('failingPeriods')]", - "numberOfEvaluationPeriods": "[parameters('evaluationPeriods')]" - }, - "timeAggregation": "Average", - "metricNamespace": "Microsoft.Web/serverfarms", - "criterionType": "DynamicThresholdCriterion", - "name": "ServiceApiResult", - "metricName": "HttpQueueLength", - "operator": "GreaterThan", - "alertSensitivity": "Medium" - } - ], - "odata.type": "Microsoft.Azure.Monitor.MultipleResourceMultipleMetricCriteria" - }, - "scopes": [ - "[parameters('resourceId')]" - ] - }, - "apiVersion": "2018-03-01", - "name": "[concat(parameters('resourceName'), '-HttpQueueLengthAlert')]", - "location": "global", - "tags": { - "_deployed_by_amba": true - } - } - ], - "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#" - } - } - } - } - } - } - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-connectivity.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-connectivity.jsonc deleted file mode 100644 index ae43cd6e..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-connectivity.jsonc +++ /dev/null @@ -1,5132 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-Connectivity", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Connectivity", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Network components such as Azure Firewalls, ExpressRoute, VPN, and Private DNS Zones.", - "metadata": { - "alzCloudEnvironments": [ - "AzureCloud" - ], - "_deployed_by_amba": true, - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "displayName": "ALZ Monitor Resource Group Location", - "description": "Location of the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Global Backend Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Data path Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "displayName": "ALZ Monitor Resource Group Tags", - "description": "Tags to be applied to the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "Object" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "displayName": "ALZ Monitor Resource Group Name", - "description": "Name of the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "LB Global Backend Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Global Backend Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "displayName": "ALZ Monitoring disabled tag values(s)", - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "Array" - }, - "LBHealthProbeStatusEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Health Probe Status Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Global Backend Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "PIP VIP Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Global Backend Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisableTagName", - "metadata": { - "displayName": "ALZ Monitoring disabled tag name", - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "String" - }, - "LBDatapathAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "LB Data path Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Packets In DDoS Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Data path Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Used SNAT Ports Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Bytes In DDoS Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "VNET DDoS Attack Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Data path Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "LB Health Probe Status Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBDatapathAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Data path Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP DDoS Attack Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Health Probe Status Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "PIP VIP Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPVIPAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PIP VIP Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Health Probe Status Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPPacketsInDDoSAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PIP Packets In DDoS Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBHealthProbeStatusWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Health Probe Status Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "LB Used SNAT Ports Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PIP Packets In DDoS Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP VIP Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP VIP Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PIP Bytes In DDoS Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBUsedSNATPortsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Used SNAT Ports Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "activityNSGDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity NSG Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "PIP VIP Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "activityUDRUpdateAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity UDR Update Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "VNET DDoS Attack Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Packets In DDoS Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VNET DDoS Attack Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PIP Bytes In DDoS Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPDDoSAttackAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "PIP DDoS Attack Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP Packets In DDoS Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PIP DDoS Attack Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Used SNAT Ports Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Used SNAT Ports Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPPacketsInDDoSThreshold": { - "defaultValue": "40000", - "metadata": { - "displayName": "PIP Packets In DDoS Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VNET DDoS Attack Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VNET DDoS Attack Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Bytes In DDoS Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP Bytes In DDoS Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP DDoS Attack Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VNET DDoS Attack Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSThreshold": { - "defaultValue": "8000000", - "metadata": { - "displayName": "PIP Bytes In DDoS Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP DDoS Attack Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackThreshold": { - "defaultValue": "0", - "metadata": { - "displayName": "PIP DDoS Attack Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "activityNSGDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity NSG Delete Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "activityUDRUpdatePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity UDR Update Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PDNSZQueryVolumeAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PDNSZ Query Volume Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PDNSZQueryVolumeThreshold": { - "defaultValue": "500", - "metadata": { - "displayName": "PDNSZ Query Volume Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PDNSZRecordSetCapacityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "PDNSZ Record Set Capacity Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PDNSZRecordSetCapacityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Record Set Capacity Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PDNSZRecordSetCapacityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Record Set Capacity Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PDNSZRecordSetCapacityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PDNSZ Record Set Capacity Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PDNSZRecordSetCapacityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PDNSZ Record Set Capacity Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PDNSZRecordSetCapacityThreshold": { - "defaultValue": "80", - "metadata": { - "displayName": "PDNSZ Record Set Capacity Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PDNSZRegistrationCapacityUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "PDNSZ Registration Capacity Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PDNSZRegistrationCapacityUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Registration Capacity Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PDNSZRegistrationCapacityUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Registration Capacity Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PDNSZRegistrationCapacityUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PDNSZ Registration Capacity Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PDNSZRegistrationCapacityUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PDNSZ Registration Capacity Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PDNSZRegistrationCapacityUtilThreshold": { - "defaultValue": "80", - "metadata": { - "displayName": "PDNSZ Registration Capacity Util Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsInAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ER Gw Express Route Bits In Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERGwExpressRouteBitsInWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ER Gw Express Route Bits In Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsInEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ER Gw Express Route Bits In Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsInPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "ER Gw Express Route Bits In Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsInAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ER Gw Express Route Bits In Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsInThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "ER Gw Express Route Bits In Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsOutAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ER Gw Express Route Bits Out Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERGwExpressRouteBitsOutWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ER Gw Express Route Bits Out Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsOutEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ER Gw Express Route Bits Out Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsOutPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "ER Gw Express Route Bits Out Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsOutAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ER Gw Express Route Bits Out Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteBitsOutThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "ER Gw Express Route Bits Out Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteCpuUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "ER Gw Express Route Cpu Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERGwExpressRouteCpuUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ER Gw Express Route Cpu Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteCpuUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ER Gw Express Route Cpu Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteCpuUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ER Gw Express Route Cpu Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERGwExpressRouteCpuUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ER Gw Express Route Cpu Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERGwExpressRouteCpuUtilThreshold": { - "defaultValue": "80", - "metadata": { - "displayName": "ER Gw Express Route Cpu Util Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropCountAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwTunnelEgressPacketDropCountWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropCountEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropCountPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropCountAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropCountFailingPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropCountEvaluationPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Count Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropMismatchAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwTunnelEgressPacketDropMismatchWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropMismatchEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropMismatchPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropMismatchAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropMismatchFailingPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VnetGwTunnelEgressPacketDropMismatchEvaluationPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Packet Drop Mismatch Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VnetGwExpressRouteBitsPerSecondAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "Vnet Gw Express Route Bits Per Second Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwExpressRouteBitsPerSecondWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Express Route Bits Per Second Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwExpressRouteBitsPerSecondEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Vnet Gw Express Route Bits Per Second Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwExpressRouteBitsPerSecondPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw Express Route Bits Per Second Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwExpressRouteBitsPerSecondAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Express Route Bits Per Second Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwExpressRouteBitsPerSecondThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "Vnet Gw Express Route Bits Per Second Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchFailingPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchEvaluationPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropCountAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwTunnelIngressPacketDropCountWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropCountEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropCountPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropCountAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropCountFailingPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropCountEvaluationPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Count Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "ERCIRBgpAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ERCIR Bgp Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERCIRBgpAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERCIR Bgp Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERCIRBgpAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERCIR Bgp Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERCIRBgpAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERCIR Bgp Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERCIRBgpAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERCIR Bgp Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERCIRBgpAvailabilityThreshold": { - "defaultValue": "90", - "metadata": { - "displayName": "ERCIR Bgp Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "ERCIRArpAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ERCIR Arp Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERCIRArpAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERCIR Arp Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERCIRArpAvailabilityFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERCIR Arp Availability Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERCIRArpAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERCIR ARP Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERCIRArpAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERCIR Arp Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERCIRArpAvailabilityThreshold": { - "defaultValue": "90", - "metadata": { - "displayName": "ERCIR Arp Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "AFWSNATPortUtilizationAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "AFW SNAT Port Utilization Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AFWSNATPortUtilizationWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AFW SNAT Port Utilization Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AFWSNATPortUtilizationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AFW SNAT Port Utilization Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AFWSNATPortUtilizationPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AFW SNAT Port Utilization Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AFWSNATPortUtilizationAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AFW SNAT Port Utilization Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AFWSNATPortUtilizationThreshold": { - "defaultValue": "80", - "metadata": { - "displayName": "AFW SNAT Port Utilization Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "FirewallHealthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "Firewall Health Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "FirewallHealthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Firewall Health Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "FirewallHealthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Firewall Health Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "FirewallHealthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Firewall Health Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "FirewallHealthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Firewall Health Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "FirewallHealthThreshold": { - "defaultValue": "90", - "metadata": { - "displayName": "Firewall Health Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "activityFWDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity FW Delete Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "activityFWDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity FW Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "activityVPNGWDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity VPN GW Delete Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "activityVPNGWDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity VPN GW Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERPBitsInPerSecondAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ERP Bits In Per Second Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPBitsInPerSecondWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Bits In Per Second Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPBitsInPerSecondEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Bits In Per Second Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPBitsInPerSecondPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Bits In Per Second Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERPBitsInPerSecondAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Bits In Per Second Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERPBitsOutPerSecondAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ERP Bits Out Per Second Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPBitsOutPerSecondWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Bits Out Per Second Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPBitsOutPerSecondEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Bits Out Per Second Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPBitsOutPerSecondPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Bits Out Per Second Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERPBitsOutPerSecondAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Bits Out Per Second Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERPLineProtocolAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "ERP Line Protocol Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPLineProtocolWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Line Protocol Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPLineProtocolEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Line Protocol Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPLineProtocolPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Line Protocol Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERPLineProtocolAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Line Protocol Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelHighAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "ERP Rx Light Level High Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPRxLightLevelHighWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Rx Light Level High Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelHighEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Rx Light Level High Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelHighPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Rx Light Level High Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERPRxLightLevelHighAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Rx Light Level High Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelLowAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "ERP Rx Light Level Low Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPRxLightLevelLowWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Rx Light Level Low Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelLowEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Rx Light Level Low Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelLowPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Rx Light Level Low Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPacketDropMismatchAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Packet Drop Mismatch Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPTxLightLevelHighAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "ERP Tx Light Level High Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPTxLightLevelHighWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Tx Light Level High Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPTxLightLevelHighEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Tx Light Level High Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPTxLightLevelHighPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Tx Light Level High Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERPTxLightLevelHighAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Tx Light Level High Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERPTxLightLevelLowAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "ERP Tx Light Level Low Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERPTxLightLevelLowWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERP Tx Light Level Low Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERPTxLightLevelLowEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "ERP Tx Light Level Low Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPTxLightLevelLowPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERP Tx Light Level Low Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERPTxLightLevelLowAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Tx Light Level Low Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsinPerSecAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PDNSZQueryVolumeAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PDNSZ Query Volume Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PDNSZCapacityUtilThreshold": { - "defaultValue": "80", - "metadata": { - "displayName": "PDNSZ Capacity Util Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PDNSZCapacityUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PDNSZ Capacity Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PDNSZCapacityUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PDNSZ Capacity Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PDNSZCapacityUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Capacity Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PDNSZCapacityUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Capacity Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PDNSZCapacityUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "PDNSZ Capacity Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGWTunnelIngressPacketDropMismatchEvaluationPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropMismatchFailingPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropMismatchAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropMismatchPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropMismatchFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropMismatchWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropMismatchAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Mismatch Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGWTunnelIngressPacketDropCountEvaluationPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropCountFailingPeriods": { - "defaultValue": "4", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropCountAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropCountPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropCountFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropCountWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWTunnelIngressPacketDropCountAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "VPN GW Tunnel Ingress Packet Drop Count Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGWIngressAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Ingress Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VPNGWIngressThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VPN GW Ingress Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VPNGWIngressAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Ingress Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWIngressPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "VPN GW Ingress Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWIngressEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Ingress Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VPNGWIngressWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Ingress Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWIngressAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "VPN GW Ingress Alert Severity", - "description": "Severity of the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERPRxLightLevelLowAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERP Rx Light Level Low Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropMismatchAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Mismatch Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGWTunnelEgressPacketDropCountEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropCountFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropCountAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropCountPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropCountFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropCountWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWTunnelEgressPacketDropCountAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "VPN GW Tunnel Egress Packet Drop Count Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGWEgressThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VPN GW Egress Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VPNGWEgressAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Egress Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWEgressPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "VPN GW Egress Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWEgressEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Egress Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VPNGWEgressWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Egress Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWEgressAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "VPN GW Egress Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGWBandWidthUtilThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VPN GW Band Width Util Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VPNGWBandWidthUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN GW Band Width Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGWBandWidthUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VPN GW Band Width Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGWBandWidthUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Band Width Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VPNGWBandWidthUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN GW Band Width Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGWBandWidthUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "VPN GW Band Width Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwTunnelIngressThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelIngressAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "Vnet Gw Tunnel Ingress Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwTunnelEgressThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelEgressAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "Vnet Gw Tunnel Egress Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwTunnelBWThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "Vnet Gw Tunnel BW Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VnetGwTunnelBWAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw Tunnel BW Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwTunnelBWPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw Tunnel BW Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwTunnelBWEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Vnet Gw Tunnel BW Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwTunnelBWWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw Tunnel BW Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VnetGwTunnelBWAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "Vnet Gw Tunnel BW Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VnetGwERCpuUtilThreshold": { - "defaultValue": "80", - "metadata": { - "displayName": "Vnet Gw ER Cpu Util Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VnetGwERCpuUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Vnet Gw ER Cpu Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VnetGwERCpuUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Vnet Gw ER Cpu Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VnetGwERCpuUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Vnet Gw ER Cpu Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwERCpuUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "Vnet Gw ER Cpu Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "VPNGwBGPPeerStatusThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VPN Gw BGP Peer Status Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VPNGwBGPPeerStatusAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VPN Gw BGP Peer Status Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VPNGwBGPPeerStatusPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VPN Gw BGP Peer Status Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "VPNGwBGPPeerStatusEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN Gw BGP Peer Status Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VnetGwERCpuUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Vnet Gw ER Cpu Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PDNSZQueryVolumePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PDNSZ Query Volume Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PDNSZQueryVolumeEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Query Volume Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PDNSZQueryVolumeWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "PDNSZ Query Volume Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGwBGPPeerStatusWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VPN Gw BGP Peer Status Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VPNGwBGPPeerStatusAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "VPN Gw BGP Peer Status Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERCIRQoSDropBitsoutPerSecEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "ERCIRQoSDropBitsoutPerSecFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "ERCIRQoSDropBitsoutPerSecAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsoutPerSecPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsoutPerSecEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsoutPerSecWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsoutPerSecAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "ERC IRQoS Drop Bits out Per Sec Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "ERCIRQoSDropBitsinPerSecEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "ERCIRQoSDropBitsinPerSecFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "ERCIRQoSDropBitsinPerSecAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsinPerSecPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsinPerSecEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ERCIRQoSDropBitsinPerSecWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "ERC IRQoS Drop Bits in Per Sec Window Size", - "description": "Window size for the alert" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_ERCIRQoSDropBitsinPerSec", - "policyDefinitionName": "Deploy_ERCIR_QosDropBitsInPerSecond_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecWindowSize')]" - }, - "severity": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecAlertState')]" - }, - "effect": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('ERCIRQoSDropBitsinPerSecEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERCIRQoSDropBitsoutPerSec", - "policyDefinitionName": "Deploy_ERCIR_QosDropBitsOutPerSecond_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecWindowSize')]" - }, - "severity": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecAlertState')]" - }, - "effect": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('ERCIRQoSDropBitsoutPerSecEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGwBGPPeerStatus", - "policyDefinitionName": "Deploy_VPNGw_BGPPeerStatus_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGwBGPPeerStatusEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGwBGPPeerStatusWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGwBGPPeerStatusAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGwBGPPeerStatusAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGwBGPPeerStatusPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VPNGwBGPPeerStatusThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwERCpuUtil", - "policyDefinitionName": "Deploy_VnetGw_ExpressRouteCpuUtil_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwERCpuUtilEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwERCpuUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwERCpuUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwERCpuUtilAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwERCpuUtilPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VnetGwERCpuUtilThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelBW", - "policyDefinitionName": "Deploy_VnetGw_TunnelBandwidth_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelBWEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelBWWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelBWAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelBWAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelBWPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VnetGwTunnelBWThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelEgress", - "policyDefinitionName": "Deploy_VnetGw_TunnelEgress_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelEgressEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelEgressWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelEgressAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelEgressAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelEgressPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VnetGwTunnelEgressThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelIngress", - "policyDefinitionName": "Deploy_VnetGw_TunnelIngress_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelIngressEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelIngressWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelIngressAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelIngressAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelIngressPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VnetGwTunnelIngressThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWBandWidthUtil", - "policyDefinitionName": "Deploy_VPNGw_BandwidthUtil_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWBandWidthUtilEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWBandWidthUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWBandWidthUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWBandWidthUtilAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWBandWidthUtilPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VPNGWBandWidthUtilThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWEgress", - "policyDefinitionName": "Deploy_VPNGw_Egress_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWEgressEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWEgressWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWEgressAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWEgressAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWEgressPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VPNGWEgressThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWTunnelEgressPacketDropCount", - "policyDefinitionName": "Deploy_VPNGw_TunnelEgressPacketDropCount_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VPNGWTunnelEgressPacketDropCountEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWTunnelEgressPacketDropMismatch", - "policyDefinitionName": "Deploy_VPNGw_TunnelEgressPacketDropMismatch_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VPNGWTunnelEgressPacketDropMismatchEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWIngress", - "policyDefinitionName": "Deploy_VPNGw_Ingress_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWIngressEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWIngressWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWIngressAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWIngressAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWIngressPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VPNGWIngressThreshold')]" - }, - "autoMitigate": { - "value": "[parameters('VPNGWIngressAutoMitigate')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWTunnelIngressPacketDropCount", - "policyDefinitionName": "Deploy_VPNGw_TunnelIngressPacketDropCount_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VPNGWTunnelIngressPacketDropCountEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VPNGWTunnelIngressPacketDropMismatch", - "policyDefinitionName": "Deploy_VPNGw_TunnelIngressPacketDropMismatch_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchWindowSize')]" - }, - "severity": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchAlertState')]" - }, - "effect": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VPNGWTunnelIngressPacketDropMismatchEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PDNSZCapacityUtil", - "policyDefinitionName": "Deploy_PDNSZ_CapacityUtil_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PDNSZCapacityUtilEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PDNSZCapacityUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('PDNSZCapacityUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PDNSZCapacityUtilAlertState')]" - }, - "effect": { - "value": "[parameters('PDNSZCapacityUtilPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PDNSZCapacityUtilThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PDNSZQueryVolume", - "policyDefinitionName": "Deploy_PDNSZ_QueryVolume_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PDNSZQueryVolumeEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PDNSZQueryVolumeWindowSize')]" - }, - "severity": { - "value": "[parameters('PDNSZQueryVolumeAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PDNSZQueryVolumeAlertState')]" - }, - "effect": { - "value": "[parameters('PDNSZQueryVolumePolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PDNSZQueryVolumeThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PDNSZRecordSetCapacity", - "policyDefinitionName": "Deploy_PDNSZ_RecordSetCapacity_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PDNSZRecordSetCapacityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PDNSZRecordSetCapacityWindowSize')]" - }, - "severity": { - "value": "[parameters('PDNSZRecordSetCapacityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PDNSZRecordSetCapacityAlertState')]" - }, - "effect": { - "value": "[parameters('PDNSZRecordSetCapacityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PDNSZRecordSetCapacityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PDNSZRegistrationCapacityUtil", - "policyDefinitionName": "Deploy_DNSZ_RegistrationCapacityUtil_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PDNSZRegistrationCapacityUtilEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PDNSZRegistrationCapacityUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('PDNSZRegistrationCapacityUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PDNSZRegistrationCapacityUtilAlertState')]" - }, - "effect": { - "value": "[parameters('PDNSZRegistrationCapacityUtilPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PDNSZRegistrationCapacityUtilThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERGwExpressRouteBitsIn", - "policyDefinitionName": "Deploy_ERGw_ExpressRouteBitsIn_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERGwExpressRouteBitsInEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERGwExpressRouteBitsInWindowSize')]" - }, - "severity": { - "value": "[parameters('ERGwExpressRouteBitsInAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERGwExpressRouteBitsInAlertState')]" - }, - "effect": { - "value": "[parameters('ERGwExpressRouteBitsInPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('ERGwExpressRouteBitsInThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERGwExpressRouteBitsOut", - "policyDefinitionName": "Deploy_ERGw_ExpressRouteBitsOut_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERGwExpressRouteBitsOutEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERGwExpressRouteBitsOutWindowSize')]" - }, - "severity": { - "value": "[parameters('ERGwExpressRouteBitsOutAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERGwExpressRouteBitsOutAlertState')]" - }, - "effect": { - "value": "[parameters('ERGwExpressRouteBitsOutPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('ERGwExpressRouteBitsOutThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERGwExpressRouteCpuUtil", - "policyDefinitionName": "Deploy_ERGw_ExpressRouteCpuUtil_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERGwExpressRouteCpuUtilEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERGwExpressRouteCpuUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('ERGwExpressRouteCpuUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERGwExpressRouteCpuUtilAlertState')]" - }, - "effect": { - "value": "[parameters('ERGwExpressRouteCpuUtilPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('ERGwExpressRouteCpuUtilThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelEgressPacketDropCount", - "policyDefinitionName": "Deploy_VnetGw_TunnelEgressPacketDropCount_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VnetGwTunnelEgressPacketDropCountEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelEgressPacketDropMismatch", - "policyDefinitionName": "Deploy_VnetGw_TunnelEgressPacketDropMismatch_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VnetGwTunnelEgressPacketDropMismatchEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwExpressRouteBitsPerSecond", - "policyDefinitionName": "Deploy_VnetGw_ExpressRouteBitsPerSecond_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwExpressRouteBitsPerSecondEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwExpressRouteBitsPerSecondWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwExpressRouteBitsPerSecondAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwExpressRouteBitsPerSecondAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwExpressRouteBitsPerSecondPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VnetGwExpressRouteBitsPerSecondThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelIngressPacketDropMismatch", - "policyDefinitionName": "Deploy_VnetGw_TunnelIngressPacketDropMismatch_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VnetGwTunnelIngressPacketDropMismatchEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VnetGwTunnelIngressPacketDropCount", - "policyDefinitionName": "Deploy_VnetGw_TunnelIngressPacketDropCount_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountWindowSize')]" - }, - "severity": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountAlertState')]" - }, - "effect": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VnetGwTunnelIngressPacketDropCountEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERCIRBgpAvailability", - "policyDefinitionName": "Deploy_ERCIR_BgpAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERCIRBgpAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERCIRBgpAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('ERCIRBgpAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERCIRBgpAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('ERCIRBgpAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('ERCIRBgpAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERCIRArpAvailability", - "policyDefinitionName": "Deploy_ERCIR_ArpAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERCIRArpAvailabilityFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERCIRArpAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('ERCIRArpAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERCIRArpAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('ERCIRArpAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('ERCIRArpAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AFWSNATPortUtilization", - "policyDefinitionName": "Deploy_AFW_SNATPortUtilization_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AFWSNATPortUtilizationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AFWSNATPortUtilizationWindowSize')]" - }, - "severity": { - "value": "[parameters('AFWSNATPortUtilizationAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AFWSNATPortUtilizationAlertState')]" - }, - "effect": { - "value": "[parameters('AFWSNATPortUtilizationPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('AFWSNATPortUtilizationThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPBytesInDDoSEvaluationFrequency", - "policyDefinitionName": "Deploy_PublicIp_BytesInDDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPBytesInDDoSEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPBytesInDDoSWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPBytesInDDoSAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPBytesInDDoSAlertState')]" - }, - "effect": { - "value": "[parameters('PIPBytesInDDoSPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPBytesInDDoSThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPDDoSAttack", - "policyDefinitionName": "Deploy_PublicIp_DDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPDDoSAttackEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPDDoSAttackWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPDDoSAttackAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPDDoSAttackAlertState')]" - }, - "effect": { - "value": "[parameters('PIPDDoSAttackPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPDDoSAttackThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPPacketsInDDoS", - "policyDefinitionName": "Deploy_PublicIp_PacketsInDDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPPacketsInDDoSEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPPacketsInDDoSWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPPacketsInDDoSAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPPacketsInDDoSAlertState')]" - }, - "effect": { - "value": "[parameters('PIPPacketsInDDoSPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPPacketsInDDoSThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPVIPAvailability", - "policyDefinitionName": "Deploy_PublicIp_VIPAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPVIPAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPVIPAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPVIPAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPVIPAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('PIPVIPAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPVIPAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VNETDDOSAttack", - "policyDefinitionName": "Deploy_VNET_DDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VNETDDOSAttackEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VNETDDOSAttackWindowSize')]" - }, - "severity": { - "value": "[parameters('VNETDDOSAttackAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VNETDDOSAttackAlertState')]" - }, - "effect": { - "value": "[parameters('VNETDDOSAttackPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VNETDDOSAttackThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_FirewallHealth", - "policyDefinitionName": "Deploy_AFW_FirewallHealth_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('FirewallHealthEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('FirewallHealthWindowSize')]" - }, - "severity": { - "value": "[parameters('FirewallHealthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('FirewallHealthAlertState')]" - }, - "effect": { - "value": "[parameters('FirewallHealthPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('FirewallHealthThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityFWDelete", - "policyDefinitionName": "Deploy_activitylog_Firewall_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityFWDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('activityFWDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityNSGDelete", - "policyDefinitionName": "Deploy_activitylog_NSG_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityNSGDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('activityNSGDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityUDRUpdate", - "policyDefinitionName": "Deploy_activitylog_RouteTable_Update", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityUDRUpdateAlertState')]" - }, - "effect": { - "value": "[parameters('activityUDRUpdatePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityVPNGWDelete", - "policyDefinitionName": "Deploy_activitylog_VPNGateway_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityVPNGWDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('activityVPNGWDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBDataPathAvailability", - "policyDefinitionName": "Deploy_ALB_DataPathAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBDataPathAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBDataPathAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('LBDataPathAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBDataPathAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('LBDataPathAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBGlobalBackendAvailability", - "policyDefinitionName": "Deploy_ALB_GlobalBackendAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBGlobalBackendAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBGlobalBackendAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('LBGlobalBackendAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBGlobalBackendAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('LBGlobalBackendAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBHealthProbeStatus", - "policyDefinitionName": "Deploy_ALB_HealthProbeStatus_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBHealthProbeStatusEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBHealthProbeStatusWindowSize')]" - }, - "severity": { - "value": "[parameters('LBHealthProbeStatusAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBHealthProbeStatusAlertState')]" - }, - "effect": { - "value": "[parameters('LBHealthProbeStatusPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBUsedSNATPorts", - "policyDefinitionName": "Deploy_ALB_UsedSNATPorts_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBUsedSNATPortsEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBUsedSNATPortsWindowSize')]" - }, - "severity": { - "value": "[parameters('LBUsedSNATPortsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBUsedSNATPortsAlertState')]" - }, - "effect": { - "value": "[parameters('LBUsedSNATPortsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPBitsInPerSecond", - "policyDefinitionName": "Deploy_ERP_ExpressRouteBitsIn_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPBitsInPerSecondEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPBitsInPerSecondWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPBitsInPerSecondAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPBitsInPerSecondAlertState')]" - }, - "effect": { - "value": "[parameters('ERPBitsInPerSecondPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPBitsOutPerSecond", - "policyDefinitionName": "Deploy_ERP_ExpressRouteBitsOut_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPBitsOutPerSecondEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPBitsOutPerSecondWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPBitsOutPerSecondAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPBitsOutPerSecondAlertState')]" - }, - "effect": { - "value": "[parameters('ERPBitsOutPerSecondPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPLineProtocol", - "policyDefinitionName": "Deploy_ERP_ExpressRoutLineProtocol_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPLineProtocolEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPLineProtocolWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPLineProtocolAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPLineProtocolAlertState')]" - }, - "effect": { - "value": "[parameters('ERPLineProtocolPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPRxLightLevelHigh", - "policyDefinitionName": "Deploy_ERP_ExpressRoutRxLightLevel_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPRxLightLevelHighEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPRxLightLevelHighWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPRxLightLevelHighAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPRxLightLevelHighAlertState')]" - }, - "effect": { - "value": "[parameters('ERPRxLightLevelHighPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPRxLightLevelLow", - "policyDefinitionName": "Deploy_ERP_ExpressRoutRxLightLevellow_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPRxLightLevelLowEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPRxLightLevelLowWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPRxLightLevelLowAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPRxLightLevelLowAlertState')]" - }, - "effect": { - "value": "[parameters('ERPRxLightLevelLowPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPTxLightLevelHigh", - "policyDefinitionName": "Deploy_ERP_ExpressRoutTxLightLevell_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPTxLightLevelHighEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPTxLightLevelHighWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPTxLightLevelHighAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPTxLightLevelHighAlertState')]" - }, - "effect": { - "value": "[parameters('ERPTxLightLevelHighPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ERPTxLightLevelLow", - "policyDefinitionName": "Deploy_ERP_ExpressRoutTxLightLevellow_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('ERPTxLightLevelLowEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('ERPTxLightLevelLowWindowSize')]" - }, - "severity": { - "value": "[parameters('ERPTxLightLevelLowAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('ERPTxLightLevelLowAlertState')]" - }, - "effect": { - "value": "[parameters('ERPTxLightLevelLowPolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-hybridvm.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-hybridvm.jsonc deleted file mode 100644 index 6b90c881..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-hybridvm.jsonc +++ /dev/null @@ -1,2578 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-HybridVM", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Hybrid VMs", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Azure Arc-enabled Servers.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "description": "Tags for the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Tags" - }, - "type": "Object" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "BYOUserAssignedManagedIdentityResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity provided by the customer.", - "displayName": "Customer defined User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "ALZUserAssignedManagedIdentityName": { - "defaultValue": "id-AMBA-ARG-Reader-001", - "metadata": { - "description": "The name of the user assigned managed identity to be created for monitoring purpose.", - "displayName": "Name of the user assigned managed identity to be created." - }, - "type": "string" - }, - "ALZManagementSubscriptionId": { - "defaultValue": "", - "metadata": { - "description": "The subscription ID of the management subscription where the user assigned managed identity will be created." - }, - "type": "string" - }, - "HybridVMHeartBeatRGAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for VM Heart Beat RG", - "displayName": "Hybrid VM Heart Beat RG Alert Severity" - }, - "type": "String" - }, - "HybridVMHeartBeatRGWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Heart Beat RG Window Size" - }, - "type": "string" - }, - "HybridVMHeartBeatRGEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Heart Beat RG Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMHeartBeatRGAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Heart Beat RG Auto Mitigate" - }, - "type": "string" - }, - "HybridVMHeartBeatRGAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Heart Beat RG Auto Resolve" - }, - "type": "string" - }, - "HybridVMHeartBeatRGAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Heart Beat RG Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMHeartBeatRGPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Heart Beat RG Policy Effect" - }, - "type": "string" - }, - "HybridVMHeartBeatRGAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Hybrid VM Heart Beat RG Alert State" - }, - "type": "string" - }, - "HybridVMHeartBeatRGThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Heart Beat RG Threshold" - }, - "type": "string" - }, - "HybridVMHeartBeatRGOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Heart Beat RG Operator" - }, - "type": "string" - }, - "HybridVMHeartBeatRGTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Heart Beat RG Time Aggregation" - }, - "type": "string" - }, - "HybridVMHeartBeatRGComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM Heart Beat RG Computers To Include" - }, - "type": "array" - }, - "HybridVMHeartBeatRGFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "HybridVM Heart Beat RG Failing Periods" - }, - "type": "string" - }, - "HybridVMNetworkInAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Network In", - "displayName": "Hybrid VM Network In Alert Severity" - }, - "type": "String" - }, - "HybridVMNetworkInWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Network In Window Size" - }, - "type": "string" - }, - "HybridVMNetworkInEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Network In Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMNetworkInAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Network In Auto Mitigate" - }, - "type": "string" - }, - "HybridVMNetworkInAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Network In Auto Resolve" - }, - "type": "string" - }, - "HybridVMNetworkInAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Network In Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMNetworkInPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Network In Policy Effect" - }, - "type": "string" - }, - "HybridVMNetworkInAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Hybrid VM Network In Alert State" - }, - "type": "string" - }, - "HybridVMNetworkInThreshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Network In Threshold" - }, - "type": "string" - }, - "HybridVMNetworkInOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Network In Operator" - }, - "type": "string" - }, - "HybridVMNetworkInTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Network In Time Aggregation" - }, - "type": "string" - }, - "HybridVMNetworkInEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM Network In Evaluation Periods" - }, - "type": "string" - }, - "HybridVMNetworkInFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Network In Failing Periods" - }, - "type": "string" - }, - "HybridVMNetworkInComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM Network In Computers To Include" - }, - "type": "array" - }, - "HybridVMNetworkOutAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Network Out", - "displayName": "Hybrid VM Network Out Alert Severity" - }, - "type": "String" - }, - "HybridVMNetworkOutWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Network Out Window Size" - }, - "type": "string" - }, - "HybridVMNetworkOutEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Network Out Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMNetworkOutAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Network Out Auto Mitigate" - }, - "type": "string" - }, - "HybridVMNetworkOutAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Network Out Auto Resolve" - }, - "type": "string" - }, - "HybridVMNetworkOutAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Network Out Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMNetworkOutPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Network Out Policy Effect" - }, - "type": "string" - }, - "HybridVMNetworkOutAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Network Out Alert State" - }, - "type": "string" - }, - "HybridVMNetworkOutThreshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Network Out Threshold" - }, - "type": "string" - }, - "HybridVMNetworkOutOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Network Out Operator" - }, - "type": "string" - }, - "HybridVMNetworkOutTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Network Out Time Aggregation" - }, - "type": "string" - }, - "HybridVMNetworkOutEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM Network Out Evaluation Periods" - }, - "type": "string" - }, - "HybridVMNetworkOutFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Network Out Failing Periods" - }, - "type": "string" - }, - "HybridVMNetworkOutComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM Network Out Computers To Include" - }, - "type": "array" - }, - "HybridVMOSDiskReadLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM OS Disk Read Latency", - "displayName": "Hybrid VM OS Disk Read Latency Alert Severity" - }, - "type": "String" - }, - "HybridVMOSDiskReadLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Window Size" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Auto Mitigate" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Auto Resolve" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM OS Disk Read Latency Policy Effect" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM OS Disk Read Latency Alert State" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Threshold" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Operator" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Time Aggregation" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Evaluation Periods" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Failing Periods" - }, - "type": "string" - }, - "HybridVMOSDiskReadLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM OS Disk Read Latency Computers To Include" - }, - "type": "array" - }, - "HybridVMOSDiskWriteLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM OS Disk Write Latency", - "displayName": "Hybrid VM OS Disk Write Latency Alert Severity" - }, - "type": "String" - }, - "HybridVMOSDiskWriteLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Window Size" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Auto Mitigate" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Auto Resolve" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM OS Disk Write Latency Policy Effect" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM OS Disk Write Latency Alert State" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyThreshold": { - "defaultValue": "50", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Threshold" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Operator" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Time Aggregation" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Evaluation Periods" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Failing Periods" - }, - "type": "string" - }, - "HybridVMOSDiskWriteLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM OS Disk Write Latency Computers To Include" - }, - "type": "array" - }, - "HybridVMOSDiskSpaceAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM OS Disk Space", - "displayName": "Hybrid VM OS Disk Space Alert Severity" - }, - "type": "String" - }, - "HybridVMOSDiskSpaceWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM OS Disk Space Window Size" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM OS Disk Space Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM OS Disk Space Auto Mitigate" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM OS Disk Space Auto Resolve" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM OS Disk Space Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMOSDiskSpacePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM OS Disk Space Policy Effect" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM OS Disk Space Alert State" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM OS Disk Space Threshold" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM OS Disk Space Operator" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM OS Disk Space Time Aggregation" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM OS Disk Space Evaluation Periods" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM OS Disk Space Failing Periods" - }, - "type": "string" - }, - "HybridVMOSDiskSpaceComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM OS Disk Space Computers To Include" - }, - "type": "array" - }, - "HybridVMPercentCPUAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Percent CPU", - "displayName": "Hybrid VM Percent CPU Alert Severity" - }, - "type": "String" - }, - "HybridVMPercentCPUWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Percent CPU Window Size" - }, - "type": "string" - }, - "HybridVMPercentCPUEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Percent CPU Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMPercentCPUAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Percent CPU Auto Mitigate" - }, - "type": "string" - }, - "HybridVMPercentCPUAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Percent CPU Auto Resolve" - }, - "type": "string" - }, - "HybridVMPercentCPUAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Percent CPU Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMPercentCPUPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Percent CPU Policy Effect" - }, - "type": "string" - }, - "HybridVMPercentCPUAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Percent CPU Alert State" - }, - "type": "string" - }, - "HybridVMPercentCPUThreshold": { - "defaultValue": "85", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Percent CPU Threshold" - }, - "type": "string" - }, - "HybridVMPercentCPUOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Percent CPU Operator" - }, - "type": "string" - }, - "HybridVMPercentCPUTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Percent CPU Time Aggregation" - }, - "type": "string" - }, - "HybridVMPercentCPUFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Percent CPU Failing Periods" - }, - "type": "string" - }, - "HybridVMPercentMemoryAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Percent Memory", - "displayName": "Hybrid VM Percent Memory Alert Severity" - }, - "type": "String" - }, - "HybridVMPercentMemoryWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Percent Memory Window Size" - }, - "type": "string" - }, - "HybridVMPercentMemoryEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Percent Memory Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMPercentMemoryAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Percent Memory Auto Mitigate" - }, - "type": "string" - }, - "HybridVMPercentMemoryAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Percent Memory Auto Resolve" - }, - "type": "string" - }, - "HybridVMPercentMemoryAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Percent Memory Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMPercentMemoryPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Percent Memory Policy Effect" - }, - "type": "string" - }, - "HybridVMPercentMemoryAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Percent Memory Alert State" - }, - "type": "string" - }, - "HybridVMPercentMemoryThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Percent Memory Threshold" - }, - "type": "string" - }, - "HybridVMPercentMemoryOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Percent Memory Operator" - }, - "type": "string" - }, - "HybridVMPercentMemoryTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Percent Memory Time Aggregation" - }, - "type": "string" - }, - "HybridVMPercentMemoryFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Percent Memory Failing Periods" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Data Disk Space", - "displayName": "Hybrid VM Data Disk Space Alert Severity" - }, - "type": "String" - }, - "HybridVMDataDiskSpaceWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Data Disk Space Window Size" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Data Disk Space Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Data Disk Space Auto Mitigate" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Data Disk Space Auto Resolve" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Data Disk Space Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMDataDiskSpacePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Data Disk Space Policy Effect" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Data Disk Space Alert State" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Data Disk Space Threshold" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Data Disk Space Operator" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Data Disk Space Time Aggregation" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM Data Disk Space Evaluation Periods" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Data Disk Space Failing Periods" - }, - "type": "string" - }, - "HybridVMDataDiskSpaceComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM Data Disk Space Computers To Include" - }, - "type": "array" - }, - "HybridVMDataDiskReadLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Data Disk Read Latency", - "displayName": "Hybrid VM Data Disk Read Latency Alert Severity" - }, - "type": "String" - }, - "HybridVMDataDiskReadLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Window Size" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Auto Mitigate" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Auto Resolve" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Data Disk Read Latency Policy Effect" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Data Disk Read Latency Alert State" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Threshold" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Operator" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Time Aggregation" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Evaluation Periods" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Failing Periods" - }, - "type": "string" - }, - "HybridVMDataDiskReadLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM Data Disk Read Latency Computers To Include" - }, - "type": "array" - }, - "HybridVMDataDiskWriteLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Data Disk Write Latency", - "displayName": "Hybrid VM Data Disk Write Latency Alert Severity" - }, - "type": "String" - }, - "HybridVMDataDiskWriteLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Window Size" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Auto Mitigate" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Auto Resolve" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Auto Resolve Time" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Data Disk Write Latency Policy Effect" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Data Disk Write Latency Alert State" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Threshold" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Operator" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Time Aggregation" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Evaluation Periods" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Failing Periods" - }, - "type": "string" - }, - "HybridVMDataDiskWriteLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "Hybrid VM Data Disk Write Latency Computers To Include" - }, - "type": "array" - }, - "HybridVMDisconnectedAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Alert Severity" - }, - "type": "String" - }, - "HybridVMDisconnectedAlertWindowSize": { - "allowedValues": [ - "PT12H", - "P1D" - ], - "defaultValue": "P1D", - "metadata": { - "description": "Window size for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Window Size" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertEvaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT10M", - "PT15M", - "PT30M", - "PT1H", - "PT2H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT10M", - "metadata": { - "description": "Evaluation frequency for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Evaluation Frequency" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Auto Mitigate" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Hybrid VM Disconnected Policy Effect" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "Hybrid VM Disconnected Alert State" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertThreshold": { - "allowedValues": [ - "5m", - "10m", - "15m", - "30m", - "1h", - "2h", - "3h", - "6h", - "12h", - "1d", - "2d", - "3d", - "7d" - ], - "defaultValue": "10m", - "metadata": { - "description": "Threshold in timespan value for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Threshold (expressed in timespan)" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Operator" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Time Aggregation" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Evaluation Periods" - }, - "type": "string" - }, - "HybridVMDisconnectedAlertFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the Hybrid VM Disconnected alert", - "displayName": "Hybrid VM Disconnected Failing Periods" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_HybridVMHeartBeatRG", - "policyDefinitionName": "Deploy_Hybrid_VM_HeartBeat_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMHeartBeatRGEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMHeartBeatRGAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMHeartBeatRGWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMHeartBeatRGAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMHeartBeatRGAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMHeartBeatRGThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMHeartBeatRGFailingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMHeartBeatRGTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMHeartBeatRGOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMHeartBeatRGPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMHeartBeatRGAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMHeartBeatRGComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMHeartBeatRGAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMNetworkIn", - "policyDefinitionName": "Deploy_Hybrid_VM_NetworkIn_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMNetworkInEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMNetworkInAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMNetworkInWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMNetworkInAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMNetworkInAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMNetworkInThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMNetworkInFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMNetworkInEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMNetworkInTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMNetworkInOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMNetworkInPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMNetworkInAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMNetworkInComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMNetworkInAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMNetworkOut", - "policyDefinitionName": "Deploy_Hybrid_VM_NetworkOut_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMNetworkOutEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMNetworkOutAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMNetworkOutWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMNetworkOutAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMNetworkOutAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMNetworkOutThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMNetworkOutFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMNetworkOutEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMNetworkOutTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMNetworkOutOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMNetworkOutPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMNetworkOutAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMNetworkOutComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMNetworkOutAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMOSDiskReadLatency", - "policyDefinitionName": "Deploy_Hybrid_VM_OSDiskreadLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMOSDiskReadLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMOSDiskReadLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMOSDiskReadLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMOSDiskReadLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMOSDiskReadLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMOSDiskReadLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMOSDiskReadLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMOSDiskReadLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMOSDiskReadLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMOSDiskReadLatencyOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMOSDiskReadLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMOSDiskReadLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMOSDiskReadLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMOSDiskReadLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMOSDiskWriteLatency", - "policyDefinitionName": "Deploy_Hybrid_VM_OSDiskwriteLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMOSDiskWriteLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMOSDiskWriteLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMOSDiskWriteLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMOSDiskWriteLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMOSDiskWriteLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMOSDiskWriteLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMOSDiskWriteLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMOSDiskWriteLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMOSDiskWriteLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMOSDiskWriteLatencyOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMOSDiskWriteLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMOSDiskWriteLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMOSDiskWriteLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMOSDiskWriteLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMOSDiskSpace", - "policyDefinitionName": "Deploy_Hybrid_VM_OSDiskSpace_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMOSDiskSpaceEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMOSDiskSpaceAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMOSDiskSpaceWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMOSDiskSpaceAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMOSDiskSpaceAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMOSDiskSpaceThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMOSDiskSpaceFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMOSDiskSpaceEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMOSDiskSpaceTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMOSDiskSpaceOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMOSDiskSpacePolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMOSDiskSpaceAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMOSDiskSpaceComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMOSDiskSpaceAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMPercentCPU", - "policyDefinitionName": "Deploy_Hybrid_VM_CPU_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMPercentCPUEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMPercentCPUAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMPercentCPUWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMPercentCPUAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMPercentCPUAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMPercentCPUThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMPercentCPUFailingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMPercentCPUTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMPercentCPUOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMPercentCPUPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMPercentCPUAutoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMPercentCPUAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMPercentMemory", - "policyDefinitionName": "Deploy_Hybrid_VM_Memory_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMPercentMemoryEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMPercentMemoryAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMPercentMemoryWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMPercentMemoryAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMPercentMemoryAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMPercentMemoryThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMPercentMemoryFailingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMPercentMemoryTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMPercentMemoryOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMPercentMemoryPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMPercentMemoryAutoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMPercentMemoryAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMDataDiskSpace", - "policyDefinitionName": "Deploy_Hybrid_VM_dataDiskSpace_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMDataDiskSpaceEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMDataDiskSpaceAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMDataDiskSpaceWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMDataDiskSpaceAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMDataDiskSpaceAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMDataDiskSpaceThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMDataDiskSpaceFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMDataDiskSpaceEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMDataDiskSpaceTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMDataDiskSpaceOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMDataDiskSpacePolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMDataDiskSpaceAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMDataDiskSpaceComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMDataDiskSpaceAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMDataDiskReadLatency", - "policyDefinitionName": "Deploy_Hybrid_VM_dataDiskReadLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMDataDiskReadLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMDataDiskReadLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMDataDiskReadLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMDataDiskReadLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMDataDiskReadLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMDataDiskReadLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMDataDiskReadLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMDataDiskReadLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMDataDiskReadLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMDataDiskReadLatencyOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMDataDiskReadLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMDataDiskReadLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMDataDiskReadLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMDataDiskReadLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMDataDiskWriteLatency", - "policyDefinitionName": "Deploy_Hybrid_VM_dataDiskWriteLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMDataDiskWriteLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMDataDiskWriteLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMDataDiskWriteLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMDataDiskWriteLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMDataDiskWriteLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMDataDiskWriteLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMDataDiskWriteLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMDataDiskWriteLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMDataDiskWriteLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMDataDiskWriteLatencyOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMDataDiskWriteLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('HybridVMDataDiskWriteLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('HybridVMDataDiskWriteLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('HybridVMDataDiskWriteLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_HybridVMDisconnected", - "policyDefinitionName": "Deploy_Hybrid_VM_Disconnected_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HybridVMDisconnectedAlertEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('HybridVMDisconnectedAlertAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('HybridVMDisconnectedAlertWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HybridVMDisconnectedAlertState')]" - }, - "severity": { - "value": "[parameters('HybridVMDisconnectedAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HybridVMDisconnectedAlertThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('HybridVMDisconnectedAlertFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('HybridVMDisconnectedAlertEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('HybridVMDisconnectedAlertTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('HybridVMDisconnectedAlertOperator')]" - }, - "effect": { - "value": "[parameters('HybridVMDisconnectedAlertPolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-identity.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-identity.jsonc deleted file mode 100644 index 34683ff2..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-identity.jsonc +++ /dev/null @@ -1,787 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-Identity", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Identity", - "description": "Initiative to deploy AMBA alerts relevant to the ALZ Identity management group", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group where the alerting resources will be deployed", - "displayName": "ALZ Monitor Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group where the alerting resources will be deployed", - "displayName": "ALZ Monitor Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "description": "Tags for the resource group where the alerting resources will be deployed", - "displayName": "ALZ Monitor Resource Group Tags" - }, - "type": "Object" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "HSMsLatencyAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Evaluation Frequency" - }, - "type": "string" - }, - "KvLatencyAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "KeyVault Latency Alert Evaluation Frequency" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the alert for Key Vault Managed HSMs Latency Availability", - "displayName": "Key Vault Managed HSMs Latency Availability Alert Severity" - }, - "type": "String" - }, - "HSMsAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Managed HSMs Availability Evaluation Frequency" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Managed HSMs Latency Availability Policy Effect" - }, - "type": "string" - }, - "KvLatencyAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the alert", - "displayName": "KeyVault Latency Alert Severity" - }, - "type": "String" - }, - "HSMsLatencyAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Alert State" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Window Size" - }, - "type": "string" - }, - "KvAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "KeyVault Availability Alert Evaluation Frequency" - }, - "type": "string" - }, - "KvLatencyAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "KeyVault Latency Alert Policy Effect" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityThreshold": { - "defaultValue": "1000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Threshold" - }, - "type": "string" - }, - "KvLatencyAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the alert, true will enable the alert, false will disable the alert", - "displayName": "KeyVault Latency Alert State" - }, - "type": "string" - }, - "KvLatencyAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "KeyVault Latency Alert Window Size" - }, - "type": "string" - }, - "KvLatencyAvailabilityThreshold": { - "defaultValue": "1000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "KeyVault Latency Alert Threshold" - }, - "type": "string" - }, - "activityHSMsDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Managed HSMs Delete Policy Effect" - }, - "type": "string" - }, - "KVCapacityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "KeyVault Capacity Alert Evaluation Frequency" - }, - "type": "string" - }, - "HSMsAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for Key Vault Managed HSMs Availability", - "displayName": "Key Vault Managed HSMs Availability Alert Severity" - }, - "type": "String" - }, - "KVRequestEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "KeyVault Request Alert Evaluation Frequency" - }, - "type": "string" - }, - "activityKVDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Delete Policy Effect" - }, - "type": "string" - }, - "HSMsAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Managed HSMs Availability Policy Effect" - }, - "type": "string" - }, - "activityHSMsDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Activity Key Vault Managed HSMs Delete Alert State" - }, - "type": "string" - }, - "KvAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert", - "displayName": "KeyVault Availability Alert Severity" - }, - "type": "String" - }, - "activityKVDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the alert, true will enable the alert, false will disable the alert", - "displayName": "Activity Log KeyVault Delete Alert State" - }, - "type": "string" - }, - "HSMsAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Managed HSMs Availability Window Size" - }, - "type": "string" - }, - "HSMsAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Managed HSMs Availability Alert State" - }, - "type": "string" - }, - "KvAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "KeyVault Availability Alert Policy Effect" - }, - "type": "string" - }, - "HSMsAvailabilityThreshold": { - "defaultValue": "20", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Managed HSMs Availability Threshold" - }, - "type": "string" - }, - "KvAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Window size for the alert", - "displayName": "KeyVault Availability Alert Window Size" - }, - "type": "string" - }, - "KvAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the alert, true will enable the alert, false will disable the alert", - "displayName": "KeyVault Availability Alert State" - }, - "type": "string" - }, - "KVAvailabilityThreshold": { - "defaultValue": "20", - "metadata": { - "description": "Threshold for the alert", - "displayName": "KeyVault Availability Alert Threshold" - }, - "type": "string" - }, - "KVCapacityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert", - "displayName": "KeyVault Capacity Alert Severity" - }, - "type": "String" - }, - "KVRequestAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert", - "displayName": "KeyVault Request Alert Severity" - }, - "type": "String" - }, - "KVCapacityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "KeyVault Capacity Alert Policy Effect" - }, - "type": "string" - }, - "KVRequestPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "KeyVault Request Alert Policy Effect" - }, - "type": "string" - }, - "KVCapacityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the alert, true will enable the alert, false will disable the alert", - "displayName": "KeyVault Capacity Alert State" - }, - "type": "string" - }, - "KVCapacityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "KeyVault Capacity Alert Window Size" - }, - "type": "string" - }, - "KVRequestWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "KeyVault Request Alert Window Size" - }, - "type": "string" - }, - "KVRequestAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the alert, true will enable the alert, false will disable the alert", - "displayName": "KeyVault Request Alert State" - }, - "type": "string" - }, - "KVCapacityThreshold": { - "defaultValue": "75", - "metadata": { - "description": "Threshold for the alert", - "displayName": "KeyVault Capacity Alert Threshold" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_KVRequest", - "policyDefinitionName": "Deploy_KeyVault_Requests_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KVRequestEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KVRequestWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KVRequestAlertState')]" - }, - "severity": { - "value": "[parameters('KVRequestAlertSeverity')]" - }, - "effect": { - "value": "[parameters('KVRequestPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KvAvailability", - "policyDefinitionName": "Deploy_KeyVault_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KvAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KvAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KvAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('KvAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('KVAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('KvAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KvLatencyAvailability", - "policyDefinitionName": "Deploy_KeyVault_Latency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KvLatencyAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KvLatencyAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KvLatencyAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('KvLatencyAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('KvLatencyAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('KvLatencyAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KVCapacity", - "policyDefinitionName": "Deploy_KeyVault_Capacity_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KVCapacityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KVCapacityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KVCapacityAlertState')]" - }, - "severity": { - "value": "[parameters('KVCapacityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('KVCapacityThreshold')]" - }, - "effect": { - "value": "[parameters('KVCapacityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityKVDelete", - "policyDefinitionName": "Deploy_activitylog_KeyVault_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityKVDeleteAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('activityKVDeletePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ManagedHSMsAvailability", - "policyDefinitionName": "Deploy_ManagedHSMs_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HSMsAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('HSMsAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HSMsAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('HSMsAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HSMsAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('HSMsAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ManagedHSMsLatencyAvailability", - "policyDefinitionName": "Deploy_ManagedHSMs_Latency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HSMsLatencyAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('HSMsLatencyAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HSMsLatencyAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('HSMsLatencyAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HSMsLatencyAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('HSMsLatencyAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityManagedHSMsDelete", - "policyDefinitionName": "Deploy_ActivityLog_ManagedHSMs_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityHSMsDeleteAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('activityHSMsDeletePolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-keymanagement.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-keymanagement.jsonc deleted file mode 100644 index 83d48b53..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-keymanagement.jsonc +++ /dev/null @@ -1,787 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-KeyManagement", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Key Management", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Key Management Services such as Azure Key Vault, and Managed HSM.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_amba": true - }, - "metadata": { - "description": "Tags for the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Tags" - }, - "type": "Object" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "HSMsLatencyAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Evaluation Frequency" - }, - "type": "string" - }, - "KvLatencyAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Latency Availability Evaluation Frequency" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the alert for Key Vault Managed HSMs Latency Availability", - "displayName": "Key Vault Managed HSMs Latency Availability Alert Severity" - }, - "type": "String" - }, - "HSMsAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Managed HSMs Availability Evaluation Frequency" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Managed HSMs Latency Availability Policy Effect" - }, - "type": "string" - }, - "KvLatencyAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "description": "Severity of the alert for Key Vault Latency Availability", - "displayName": "Key Vault Latency Availability Alert Severity" - }, - "type": "String" - }, - "HSMsLatencyAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Alert State" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Window Size" - }, - "type": "string" - }, - "KvAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Availability Evaluation Frequency" - }, - "type": "string" - }, - "KvLatencyAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Latency Availability Policy Effect" - }, - "type": "string" - }, - "HSMsLatencyAvailabilityThreshold": { - "defaultValue": "1000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Managed HSMs Latency Availability Threshold" - }, - "type": "string" - }, - "KvLatencyAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Latency Availability Alert State" - }, - "type": "string" - }, - "KvLatencyAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Latency Availability Window Size" - }, - "type": "string" - }, - "KvLatencyAvailabilityThreshold": { - "defaultValue": "1000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Latency Availability Threshold" - }, - "type": "string" - }, - "activityHSMsDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Managed HSMs Delete Policy Effect" - }, - "type": "string" - }, - "KVCapacityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Capacity Evaluation Frequency" - }, - "type": "string" - }, - "HSMsAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for Key Vault Managed HSMs Availability", - "displayName": "Key Vault Managed HSMs Availability Alert Severity" - }, - "type": "String" - }, - "KVRequestEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Key Vault Request Evaluation Frequency" - }, - "type": "string" - }, - "activityKVDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Delete Policy Effect" - }, - "type": "string" - }, - "HSMsAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Managed HSMs Availability Policy Effect" - }, - "type": "string" - }, - "activityHSMsDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Activity Key Vault Managed HSMs Delete Alert State" - }, - "type": "string" - }, - "KvAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for Key Vault Availability", - "displayName": "Key Vault Availability Alert Severity" - }, - "type": "String" - }, - "activityKVDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Activity Key Vault Delete Alert State" - }, - "type": "string" - }, - "HSMsAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Managed HSMs Availability Window Size" - }, - "type": "string" - }, - "HSMsAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Managed HSMs Availability Alert State" - }, - "type": "string" - }, - "KvAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Availability Policy Effect" - }, - "type": "string" - }, - "HSMsAvailabilityThreshold": { - "defaultValue": "20", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Managed HSMs Availability Threshold" - }, - "type": "string" - }, - "KvAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Availability Window Size" - }, - "type": "string" - }, - "KvAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Availability Alert State" - }, - "type": "string" - }, - "KVAvailabilityThreshold": { - "defaultValue": "20", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Availability Threshold" - }, - "type": "string" - }, - "KVCapacityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for Key Vault Capacity", - "displayName": "Key Vault Capacity Alert Severity" - }, - "type": "String" - }, - "KVRequestAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for Key Vault Request", - "displayName": "Key Vault Request Alert Severity" - }, - "type": "String" - }, - "KVCapacityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Capacity Policy Effect" - }, - "type": "string" - }, - "KVRequestPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Key Vault Request Policy Effect" - }, - "type": "string" - }, - "KVCapacityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Capacity Alert State" - }, - "type": "string" - }, - "KVCapacityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Capacity Window Size" - }, - "type": "string" - }, - "KVRequestWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Key Vault Request Window Size" - }, - "type": "string" - }, - "KVRequestAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Key Vault Request Alert State" - }, - "type": "string" - }, - "KVCapacityThreshold": { - "defaultValue": "75", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Key Vault Capacity Threshold" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_KVRequest", - "policyDefinitionName": "Deploy_KeyVault_Requests_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KVRequestEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KVRequestWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KVRequestAlertState')]" - }, - "severity": { - "value": "[parameters('KVRequestAlertSeverity')]" - }, - "effect": { - "value": "[parameters('KVRequestPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KvAvailability", - "policyDefinitionName": "Deploy_KeyVault_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KvAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KvAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KvAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('KvAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('KVAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('KvAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KvLatencyAvailability", - "policyDefinitionName": "Deploy_KeyVault_Latency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KvLatencyAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KvLatencyAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KvLatencyAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('KvLatencyAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('KvLatencyAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('KvLatencyAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KVCapacity", - "policyDefinitionName": "Deploy_KeyVault_Capacity_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KVCapacityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('KVCapacityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('KVCapacityAlertState')]" - }, - "severity": { - "value": "[parameters('KVCapacityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('KVCapacityThreshold')]" - }, - "effect": { - "value": "[parameters('KVCapacityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityKVDelete", - "policyDefinitionName": "Deploy_activitylog_KeyVault_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityKVDeleteAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('activityKVDeletePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ManagedHSMsAvailability", - "policyDefinitionName": "Deploy_ManagedHSMs_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HSMsAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('HSMsAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HSMsAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('HSMsAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HSMsAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('HSMsAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ManagedHSMsLatencyAvailability", - "policyDefinitionName": "Deploy_ManagedHSMs_Latency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('HSMsLatencyAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('HSMsLatencyAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('HSMsLatencyAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('HSMsLatencyAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('HSMsLatencyAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('HSMsLatencyAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityManagedHSMsDelete", - "policyDefinitionName": "Deploy_ActivityLog_ManagedHSMs_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityHSMsDeleteAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('activityHSMsDeletePolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-landingzone.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-landingzone.jsonc deleted file mode 100644 index 317d5204..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-landingzone.jsonc +++ /dev/null @@ -1,5449 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-LandingZone", - "properties": { - "displayName": "[Deprecated]: Deploy Azure Monitor Baseline Alerts for Landing Zone", - "description": "Initiative to deploy AMBA alerts relevant to the ALZ LandingZone management group", - "metadata": { - "alzCloudEnvironments": [ - "AzureCloud" - ], - "_deployed_by_amba": true, - "version": "1.1.0-deprecated", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/", - "deprecated": true, - "supersededBy": "Alerting-KeyManagement, Alerting-LoadBalancing, Alerting-NetworkChanges, Alerting-RecoveryServices, Alerting-Storage, Alerting-VM, Alerting-Web" - }, - "parameters": { - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "displayName": "ALZ Monitor Resource Group Location", - "description": "Location of the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Global Backend Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Data path Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "displayName": "ALZ Monitor Resource Group Tags", - "description": "Tags for the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "Object" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "displayName": "ALZ Monitor Resource Group Name", - "description": "Name of the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "LB Global Backend Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Global Backend Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Health Probe Status Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Global Backend Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "PIP VIP Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Global Backend Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "LB Data path Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Packets In DDoS Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Data path Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Used SNAT Ports Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Bytes In DDoS Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "VNET DDoS Attack Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Data path Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "LB Health Probe Status Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBDatapathAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Data path Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP DDoS Attack Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Health Probe Status Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "PIP VIP Availability Alert Severity", - "description": "Severity of the alert for PIP VIP Availability" - }, - "type": "String" - }, - "PIPVIPAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PIP VIP Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "LBHealthProbeStatusAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Health Probe Status Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPPacketsInDDoSAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PIP Packets In DDoS Alert Severity", - "description": "Severity of the alert for PIP Packets In DDoS" - }, - "type": "String" - }, - "LBHealthProbeStatusWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Health Probe Status Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "LB Used SNAT Ports Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PIP Packets In DDoS Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "PIPVIPAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP VIP Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP VIP Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PIP Bytes In DDoS Alert Severity", - "description": "Severity of the alert for PIP Bytes In DDoS" - }, - "type": "String" - }, - "LBUsedSNATPortsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Used SNAT Ports Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "activityNSGDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity NSG Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "PIP VIP Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "activityUDRUpdateAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity UDR Update Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "VNET DDoS Attack Alert Severity", - "description": "Severity of the alert for VNET DDoS Attack" - }, - "type": "String" - }, - "PIPPacketsInDDoSWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Packets In DDoS Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VNET DDoS Attack Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "PIPBytesInDDoSPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PIP Bytes In DDoS Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "PIPDDoSAttackAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "PIP DDoS Attack Alert Severity", - "description": "Severity of the alert for PIP DDoS Attack" - }, - "type": "String" - }, - "PIPPacketsInDDoSAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP Packets In DDoS Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PIP DDoS Attack Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "LBUsedSNATPortsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Used SNAT Ports Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Used SNAT Ports Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPPacketsInDDoSThreshold": { - "defaultValue": "40000", - "metadata": { - "displayName": "PIP Packets In DDoS Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Total Time Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VNET DDoS Attack Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VNET DDoS Attack Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Bytes In DDoS Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP Bytes In DDoS Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP DDoS Attack Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VNET DDoS Attack Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSThreshold": { - "defaultValue": "8000000", - "metadata": { - "displayName": "PIP Bytes In DDoS Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP DDoS Attack Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Total Time Dynamic Alert Sensitivity", - "description": "Dynamic Sensitivity of the alert" - }, - "type": "String" - }, - "AGWBackendLastByteResponseTimeAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Dynamic Alert Sensitivity", - "description": "Dynamic Severity of the alert" - }, - "type": "String" - }, - "CDNPOriginHealthPercentageEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Origin Health Percentage Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackThreshold": { - "defaultValue": "0", - "metadata": { - "displayName": "PIP DDoS Attack Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWApplicationGatewayTotalTimeAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Total Time Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWApplicationGatewayTotalTimePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Total Time Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "FDBackendRequestLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "FD Backend Request Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Total Time Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Total Time Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Unhealthy Host Count Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "Storage Account Availability Alert Severity", - "description": "Severity of the alert for Storage Account Availability" - }, - "type": "String" - }, - "CDNPOriginHealthPercentageAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Origin Health Percentage Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPOriginHealthPercentagePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "CDN Origin Health Percentage Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Storage Account Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "CDNPPercentage5XXEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Percentage 5XX Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "CDNPOriginHealthPercentageAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Origin Health Percentage Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPOriginHealthPercentageWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Origin Health Percentage Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Origin Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Percentage 4XX Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWResponseStatusEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Response Status Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWFailedRequestsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Failed Requests Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Storage Account Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Storage Account Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "FDBackendRequestLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "FD Backend Request Latency Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "StorageAccountAvailabilityFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Storage Account Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "TMEndpointHealthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "TM Enpoint Health Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Capacity Units Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "FDBackendRequestLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "FD Backend Request Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityThreshold": { - "defaultValue": "90", - "metadata": { - "displayName": "Storage Account Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Compute Units Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "FDBackendHealthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "FD Backend Health Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Unhealthy Host Count Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "FDBackendRequestLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "FD Backend Request Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Unhealthy Host Count Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWResponseStatusAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Response Status Dynamic Alert Sensitivity", - "description": "Dynamic Sensitivity of the alert" - }, - "type": "String" - }, - "FDBackendRequestLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "FD Backend Request Latency Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWFailedRequestsAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Failed Requests Dynamic Alert Sensitivity", - "description": "Dynamic Sensitivity of the alert" - }, - "type": "String" - }, - "RVBackupHealthMonitorPolicyEffect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "displayName": "Recovery Vault Backup Health Monitor Policy Effect", - "description": "Policy effect for the alert, modify will modify the alert if it exists, or audit if it does not exist" - }, - "type": "string" - }, - "StorageAccountDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Storage Account Delete Alert Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Unhealthy Host Count Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Unhealthy Host Count Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 5XX Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPOriginLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Origin Latancy Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPPercentage4XXAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 4XX Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWFailedRequestsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Failed Requests Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWResponseStatusAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Response Status Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "StorageAccountDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Storage Account Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWFailedRequestsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Failed Requests Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWCPUUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW CPU Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Capacity Units Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWResponseStatusPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Response Status Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "CDN Percentage 4XX Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "TMEndpointHealthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "TM Enpoint Health Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPPercentage5XXPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "CDN Percentage 5XX Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "CDN Origin Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "FDBackendHealthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "FD Backend Health Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWComputeUnitsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Compute Units Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWCapacityUnitsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Capacity Units Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "TMEndpointHealthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "TM Enpoint Health Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWFailedRequestsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Failed Requests Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Origin Latency Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Percentage 4XX Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Percentage 4XX Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Percentage 5XX Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWResponseStatusAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Response Status Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Origin Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Percentage 5XX Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWResponseStatusWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Response Status Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Compute Units Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWFailedRequestsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Failed Requests Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "FDBackendHealthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "FD Backend Health Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Capacity Units Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "TMEndpointHealthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "TM Enpoint Health Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "TMEndpointHealthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "TM Enpoint Health Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Capacity Units Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "FDBackendHealthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "FD Backend Health Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Compute Units Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Compute Units Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "FDBackendHealthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "FD Backend Health Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWCPUUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW CPU Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWCPUUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW CPU Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWCPUUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW CPU Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWCPUUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW CPU Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "KVRequestAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "Key Vault Request Alert Severity", - "description": "Severity of the alert for Key Vault Request" - }, - "type": "String" - }, - "KVRequestWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Key Vault Request Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "KVRequestEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Key Vault Request Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "KVRequestPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "Key Vault Request Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "KVRequestAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Key Vault Request Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "KvAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "Key Vault Availability Alert Severity", - "description": "Severity of the alert for Key Vault Availability" - }, - "type": "String" - }, - "KvAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Key Vault Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "KvAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Key Vault Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "KvAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "Key Vault Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "KvAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Key Vault Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "KVAvailabilityThreshold": { - "defaultValue": "20", - "metadata": { - "displayName": "Key Vault Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "KvLatencyAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "3", - "metadata": { - "displayName": "Key Vault Latency Availability Alert Severity", - "description": "Severity of the alert for Key Vault Latency Availability" - }, - "type": "String" - }, - "KvLatencyAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Key Vault Latency Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "KvLatencyAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Key Vault Latency Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "KvLatencyAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "Key Vault Latency Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "KvLatencyAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Key Vault Latency Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "KvLatencyAvailabilityThreshold": { - "defaultValue": "1000", - "metadata": { - "displayName": "Key Vault Latency Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "KVCapacityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "Key Vault Capacity Alert Severity", - "description": "Severity of the alert for Key Vault Capacity" - }, - "type": "String" - }, - "KVCapacityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Key Vault Capacity Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "KVCapacityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "Key Vault Capacity Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "KVCapacityThreshold": { - "defaultValue": "75", - "metadata": { - "displayName": "Key Vault Capacity Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "activityKVDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity Key Vault Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "VM Heart Beat RG Alert Severity", - "description": "Severity of the alert for VM Heart Beat RG" - }, - "type": "String" - }, - "VMHeartBeatRGWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT6H", - "metadata": { - "displayName": "VM Heart Beat RG Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Heart Beat RG Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Heart Beat RG Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Heart Beat RG Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Heart Beat RG Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Heart Beat RG Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMHeartBeatRGAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Heart Beat RG Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGThreshold": { - "defaultValue": "10", - "metadata": { - "displayName": "VM Heart Beat RG Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Heart Beat RG Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Heart Beat RG Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMHeartBeatRGFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Heart Beat RG Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMNetworkInAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Network In Alert Severity", - "description": "Severity of the alert for VM Network In" - }, - "type": "String" - }, - "VMNetworkInWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Network In Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMNetworkInEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Network In Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMNetworkInAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Network In Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMNetworkInAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Network In Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMNetworkInAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Network In Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMNetworkInPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Network In Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMNetworkInAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Network In Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VMNetworkInThreshold": { - "defaultValue": "10000000", - "metadata": { - "displayName": "VM Network In Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMNetworkInOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Network In Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMNetworkInTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Network In Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMNetworkInEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Network In Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMNetworkInFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Network In Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMNetworkInComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM Network In Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "VMNetworkOutAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Network Out Alert Severity", - "description": "Severity of the alert for VM Network Out" - }, - "type": "String" - }, - "VMNetworkOutWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Network Out Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMNetworkOutEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Network Out Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMNetworkOutAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Network Out Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMNetworkOutAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Network Out Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMNetworkOutAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Network Out Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMNetworkOutPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Network Out Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMNetworkOutAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Network Out Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMNetworkOutThreshold": { - "defaultValue": "10000000", - "metadata": { - "displayName": "VM Network Out Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMNetworkOutOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Network Out Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMNetworkOutTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Network Out Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMNetworkOutEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Network Out Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMNetworkOutFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Network Out Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMNetworkOutComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM Network Out Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "VMOSDiskReadLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM OS Disk Read Latency Alert Severity", - "description": "Severity of the alert for VM OS Disk Read Latency" - }, - "type": "String" - }, - "VMOSDiskReadLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM OS Disk Read Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM OS Disk Read Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Read Latency Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Read Latency Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM OS Disk Read Latency Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM OS Disk Read Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Read Latency Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "displayName": "VM OS Disk Read Latency Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM OS Disk Read Latency Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM OS Disk Read Latency Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM OS Disk Read Latency Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM OS Disk Read Latency Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMOSDiskReadLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM OS Disk Read Latency Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "VMOSDiskWriteLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM OS Disk Write Latency Alert Severity", - "description": "Severity of the alert for VM OS Disk Write Latency" - }, - "type": "String" - }, - "VMOSDiskWriteLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM OS Disk Write Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM OS Disk Write Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Write Latency Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Write Latency Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM OS Disk Write Latency Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM OS Disk Write Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Write Latency Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "displayName": "VM OS Disk Write Latency Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM OS Disk Write Latency Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM OS Disk Write Latency Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM OS Disk Write Latency Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM OS Disk Write Latency Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM OS Disk Write Latency Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "VMOSDiskSpaceAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM OS Disk Space Alert Severity", - "description": "Severity of the alert for VM OS Disk Space" - }, - "type": "String" - }, - "VMOSDiskSpaceWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM OS Disk Space Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM OS Disk Space Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Space Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Space Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM OS Disk Space Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMOSDiskSpacePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM OS Disk Space Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMOSDiskSpaceAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM OS Disk Space Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceThreshold": { - "defaultValue": "10", - "metadata": { - "displayName": "VM OS Disk Space Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM OS Disk Space Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM OS Disk Space Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM OS Disk Space Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM OS Disk Space Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMOSDiskSpaceComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM OS Disk Space Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "KVCapacityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "Key Vault Capacity Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "KVCapacityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Key Vault Capacity Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VMPercentCPUEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Percent CPU Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMPercentCPUAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Percent CPU Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMPercentCPUAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Percent CPU Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMPercentCPUAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Percent CPU Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMPercentCPUPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Percent CPU Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMPercentCPUAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Percent CPU Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMPercentCPUThreshold": { - "defaultValue": "85", - "metadata": { - "displayName": "VM Percent CPU Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMPercentCPUOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Percent CPU Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMPercentCPUTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Percent CPU Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMPercentCPUFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Percent CPU Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMPercentMemoryAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Percent Memory Alert Severity", - "description": "Severity of the alert for VM Percent Memory" - }, - "type": "String" - }, - "VMPercentMemoryWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Percent Memory Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMPercentMemoryEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Percent Memory Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMPercentMemoryAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Percent Memory Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMPercentMemoryAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Percent Memory Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMPercentMemoryAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Percent Memory Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMPercentMemoryPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Percent Memory Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMPercentMemoryAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Percent Memory Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMPercentMemoryThreshold": { - "defaultValue": "10", - "metadata": { - "displayName": "VM Percent Memory Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMPercentMemoryOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Percent Memory Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMPercentMemoryTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Percent Memory Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Data Disk Space Alert Severity", - "description": "Severity of the alert for VM Data Disk Space" - }, - "type": "String" - }, - "VMDataDiskSpaceWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Data Disk Space Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Data Disk Space Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Space Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Space Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Data Disk Space Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMDataDiskSpacePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Data Disk Space Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMDataDiskSpaceAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Space Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceThreshold": { - "defaultValue": "10", - "metadata": { - "displayName": "VM Data Disk Space Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Data Disk Space Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Data Disk Space Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Data Disk Space Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMDataDiskSpaceFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Data Disk Space Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Data Disk Read Latency Alert Severity", - "description": "Severity of the alert for VM Data Disk Read Latency" - }, - "type": "String" - }, - "VMDataDiskReadLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Data Disk Read Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Data Disk Read Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Read Latency Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Read Latency Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Data Disk Read Latency Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Data Disk Read Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Read Latency Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "displayName": "VM Data Disk Read Latency Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Data Disk Read Latency Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Data Disk Read Latency Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Data Disk Read Latency Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Data Disk Read Latency Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMDataDiskReadLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM Data Disk Read Latency Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "VMDataDiskWriteLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Data Disk Write Latency Alert Severity", - "description": "Severity of the alert for VM Data Disk Write Latency" - }, - "type": "String" - }, - "VMDataDiskWriteLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Data Disk Write Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VM Data Disk Write Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Write Latency Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Write Latency Auto Resolve", - "description": "Auto Resolve for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "displayName": "VM Data Disk Write Latency Auto Resolve Time", - "description": "Auto Resolve Time for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VM Data Disk Write Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VM Data Disk Write Latency Alert State", - "description": "Alert state for the alert, true will enable the alert, false will disable the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "displayName": "VM Data Disk Write Latency Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "VM Data Disk Write Latency Operator", - "description": "Operator for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "VM Data Disk Write Latency Time Aggregation", - "description": "Time Aggregation for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Data Disk Write Latency Evaluation Periods", - "description": "Evaluation Periods for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "VM Data Disk Write Latency Failing Periods", - "description": "Failing Periods for the alert" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "displayName": "VM Data Disk Write Latency Computers To Include", - "description": "Computers To Include for the alert" - }, - "type": "array" - }, - "WSFCPUPercentageAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "WSF CPU Percentage Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "WSFCPUPercentageWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "WSF CPU Percentage Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "WSFCPUPercentageEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "WSF CPU Percentage Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "WSFCPUPercentagePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "WSF CPU Percentage Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "WSFCPUPercentageAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "WSF CPU Percentage Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "WSFMemoryPercentageAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "WSF Memory Percentage Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "WSFMemoryPercentageWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "WSF Memory Percentage Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "WSFMemoryPercentageEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "WSF Memory Percentage Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "WSFMemoryPercentagePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "WSF Memory Percentage Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "WSFMemoryPercentageAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "WSF Memory Percentage Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "WSFDiskQueueLengthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "WSF Disk Queue Lenght Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "WSFDiskQueueLengthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "WSF Disk Queue Lenght Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "WSFDiskQueueLengthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "WSF Disk Queue Lenght Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "WSFDiskQueueLengthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "WSF Disk Queue Lenght Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "WSFDiskQueueLengthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "WSF Disk Queue Lenght Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "WSFHttpQueueLengthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "WSF HTTP Queue Lenght Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "WSFHttpQueueLengthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "WSF HTTP Queue Lenght Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "WSFHttpQueueLengthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "WSF HTTP Queue Lenght Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "WSFHttpQueueLengthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "WSF HTTP Queue Lenght Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "WSFHttpQueueLengthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "WSF HTTP Queue Lenght Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "VMPercentCPUAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "VM Percent CPU Alert Severity", - "description": "Severity of the alert for VM Percent CPU" - }, - "type": "String" - }, - "VMPercentCPUWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "displayName": "VM Percent CPU Window Size", - "description": "Window size for the alert" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_KVRequest", - "policyDefinitionName": "Deploy_KeyVault_Requests_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KVRequestEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('KVRequestWindowSize')]" - }, - "severity": { - "value": "[parameters('KVRequestAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('KVRequestAlertState')]" - }, - "effect": { - "value": "[parameters('KVRequestPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KvAvailability", - "policyDefinitionName": "Deploy_KeyVault_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KvAvailabilityEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('KvAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('KvAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('KvAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('KvAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('KVAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KvLatencyAvailability", - "policyDefinitionName": "Deploy_KeyVault_Latency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KvLatencyAvailabilityEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('KvLatencyAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('KvLatencyAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('KvLatencyAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('KvLatencyAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('KvLatencyAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_KVCapacity", - "policyDefinitionName": "Deploy_KeyVault_Capacity_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('KVCapacityEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('KVCapacityWindowSize')]" - }, - "severity": { - "value": "[parameters('KVCapacityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('KVCapacityAlertState')]" - }, - "effect": { - "value": "[parameters('KVCapacityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('KVCapacityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityKVDelete", - "policyDefinitionName": "Deploy_activitylog_KeyVault_Delete", - "parameters": { - "enabled": { - "value": "[parameters('activityKVDeleteAlertState')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_StorageAccountAvailability", - "policyDefinitionName": "Deploy_StorageAccount_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('StorageAccountAvailabilityFrequency')]" - }, - "windowSize": { - "value": "[parameters('StorageAccountAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('StorageAccountAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('StorageAccountAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('StorageAccountAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('StorageAccountAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activitySADelete", - "policyDefinitionName": "Deploy_activitylog_StorageAccount_Delete", - "parameters": { - "enabled": { - "value": "[parameters('StorageAccountDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('StorageAccountDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPBytesInDDoS", - "policyDefinitionName": "Deploy_PublicIp_BytesInDDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPBytesInDDoSEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('PIPBytesInDDoSWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPBytesInDDoSAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPBytesInDDoSAlertState')]" - }, - "effect": { - "value": "[parameters('PIPBytesInDDoSPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPBytesInDDoSThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPDDoSAttack", - "policyDefinitionName": "Deploy_PublicIp_DDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPDDoSAttackEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('PIPDDoSAttackWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPDDoSAttackAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPDDoSAttackAlertState')]" - }, - "effect": { - "value": "[parameters('PIPDDoSAttackPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPDDoSAttackThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPPacketsInDDoS", - "policyDefinitionName": "Deploy_PublicIp_PacketsInDDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPPacketsInDDoSEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('PIPPacketsInDDoSWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPPacketsInDDoSAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPPacketsInDDoSAlertState')]" - }, - "effect": { - "value": "[parameters('PIPPacketsInDDoSPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPPacketsInDDoSThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPVIPAvailability", - "policyDefinitionName": "Deploy_PublicIp_VIPAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPVIPAvailabilityEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('PIPVIPAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPVIPAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPVIPAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('PIPVIPAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPVIPAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityNSGDelete", - "policyDefinitionName": "Deploy_activitylog_NSG_Delete", - "parameters": { - "enabled": { - "value": "[parameters('activityNSGDeleteAlertState')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityUDRUpdate", - "policyDefinitionName": "Deploy_activitylog_RouteTable_Update", - "parameters": { - "enabled": { - "value": "[parameters('activityUDRUpdateAlertState')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_RVBackupHealthMonitor", - "policyDefinitionName": "Deploy_RecoveryVault_BackupHealthMonitor_Alert", - "parameters": { - "effect": { - "value": "[parameters('RVBackupHealthMonitorPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VNETDDOSAttack", - "policyDefinitionName": "Deploy_VNET_DDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VNETDDOSAttackEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VNETDDOSAttackWindowSize')]" - }, - "severity": { - "value": "[parameters('VNETDDOSAttackAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VNETDDOSAttackAlertState')]" - }, - "effect": { - "value": "[parameters('VNETDDOSAttackPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VNETDDOSAttackThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMHeartBeatRG", - "policyDefinitionName": "Deploy_VM_HeartBeat_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMHeartBeatRGEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMHeartBeatRGWindowSize')]" - }, - "severity": { - "value": "[parameters('VMHeartBeatRGAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMHeartBeatRGAlertState')]" - }, - "effect": { - "value": "[parameters('VMHeartBeatRGPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMHeartBeatRGThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMHeartBeatRGFailingPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMHeartBeatRGTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMHeartBeatRGAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMHeartBeatRGAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMHeartBeatRGAutoResolve')]" - }, - "operator": { - "value": "[parameters('VMHeartBeatRGOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMNetworkIn", - "policyDefinitionName": "Deploy_VM_NetworkIn_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMNetworkInEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMNetworkInWindowSize')]" - }, - "severity": { - "value": "[parameters('VMNetworkInAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMNetworkInAlertState')]" - }, - "effect": { - "value": "[parameters('VMNetworkInPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMNetworkInThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMNetworkInFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMNetworkInEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMNetworkInTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMNetworkInAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMNetworkInAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMNetworkInAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMNetworkInComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMNetworkInOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMNetworkOut", - "policyDefinitionName": "Deploy_VM_NetworkOut_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMNetworkOutEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMNetworkOutWindowSize')]" - }, - "severity": { - "value": "[parameters('VMNetworkOutAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMNetworkOutAlertState')]" - }, - "effect": { - "value": "[parameters('VMNetworkOutPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMNetworkOutThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMNetworkOutFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMNetworkOutEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMNetworkOutTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMNetworkOutAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMNetworkOutAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMNetworkOutAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMNetworkOutComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMNetworkOutOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMOSDiskReadLatency", - "policyDefinitionName": "Deploy_VM_OSDiskreadLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMOSDiskReadLatencyEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMOSDiskReadLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('VMOSDiskReadLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMOSDiskReadLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('VMOSDiskReadLatencyPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMOSDiskReadLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMOSDiskReadLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMOSDiskReadLatencyEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMOSDiskReadLatencyTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMOSDiskReadLatencyAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMOSDiskReadLatencyAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMOSDiskReadLatencyAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMOSDiskReadLatencyComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMOSDiskReadLatencyOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMOSDiskWriteLatency", - "policyDefinitionName": "Deploy_VM_OSDiskwriteLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMOSDiskWriteLatencyEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMOSDiskWriteLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('VMOSDiskWriteLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMOSDiskWriteLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('VMOSDiskWriteLatencyPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMOSDiskWriteLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMOSDiskWriteLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMOSDiskWriteLatencyEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMOSDiskWriteLatencyTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMOSDiskWriteLatencyAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMOSDiskWriteLatencyAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMOSDiskWriteLatencyAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMOSDiskWriteLatencyComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMOSDiskWriteLatencyOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMOSDiskSpace", - "policyDefinitionName": "Deploy_VM_OSDiskSpace_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMOSDiskSpaceEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMOSDiskSpaceWindowSize')]" - }, - "severity": { - "value": "[parameters('VMOSDiskSpaceAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMOSDiskSpaceAlertState')]" - }, - "effect": { - "value": "[parameters('VMOSDiskSpacePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMOSDiskSpaceThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMOSDiskSpaceFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMOSDiskSpaceEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMOSDiskSpaceTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMOSDiskSpaceAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMOSDiskSpaceAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMOSDiskSpaceAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMOSDiskSpaceComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMOSDiskSpaceOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMPercentCPU", - "policyDefinitionName": "Deploy_VM_CPU_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMPercentCPUEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMPercentCPUWindowSize')]" - }, - "severity": { - "value": "[parameters('VMPercentCPUAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMPercentCPUAlertState')]" - }, - "effect": { - "value": "[parameters('VMPercentCPUPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMPercentCPUThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMPercentCPUFailingPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMPercentCPUTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMPercentCPUAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMPercentCPUAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMPercentCPUAutoResolve')]" - }, - "operator": { - "value": "[parameters('VMPercentCPUOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMPercentMemory", - "policyDefinitionName": "Deploy_VM_Memory_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMPercentMemoryEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMPercentMemoryWindowSize')]" - }, - "severity": { - "value": "[parameters('VMPercentMemoryAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMPercentMemoryAlertState')]" - }, - "effect": { - "value": "[parameters('VMPercentMemoryPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMPercentMemoryThreshold')]" - }, - "timeAggregation": { - "value": "[parameters('VMPercentMemoryTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMPercentMemoryAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMPercentMemoryAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMPercentMemoryAutoResolve')]" - }, - "operator": { - "value": "[parameters('VMPercentMemoryOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMDataDiskSpace", - "policyDefinitionName": "Deploy_VM_dataDiskSpace_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMDataDiskSpaceEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMDataDiskSpaceWindowSize')]" - }, - "severity": { - "value": "[parameters('VMDataDiskSpaceAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMDataDiskSpaceAlertState')]" - }, - "effect": { - "value": "[parameters('VMDataDiskSpacePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMDataDiskSpaceThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMDataDiskSpaceFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMDataDiskSpaceEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMDataDiskSpaceTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMDataDiskSpaceAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMDataDiskSpaceAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMDataDiskSpaceAutoResolve')]" - }, - "operator": { - "value": "[parameters('VMDataDiskSpaceOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMDataDiskReadLatency", - "policyDefinitionName": "Deploy_VM_dataDiskReadLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMDataDiskReadLatencyEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMDataDiskReadLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('VMDataDiskReadLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMDataDiskReadLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('VMDataDiskReadLatencyPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMDataDiskReadLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMDataDiskReadLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMDataDiskReadLatencyEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMDataDiskReadLatencyTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMDataDiskReadLatencyAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMDataDiskReadLatencyAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMDataDiskReadLatencyAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMDataDiskReadLatencyComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMDataDiskReadLatencyOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMDataDiskWriteLatency", - "policyDefinitionName": "Deploy_VM_dataDiskWriteLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMDataDiskWriteLatencyEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('VMDataDiskWriteLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('VMDataDiskWriteLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VMDataDiskWriteLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('VMDataDiskWriteLatencyPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "threshold": { - "value": "[parameters('VMDataDiskWriteLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMDataDiskWriteLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMDataDiskWriteLatencyEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('VMDataDiskWriteLatencyTimeAggregation')]" - }, - "autoResolveTime": { - "value": "[parameters('VMDataDiskWriteLatencyAutoResolveTime')]" - }, - "autoMitigate": { - "value": "[parameters('VMDataDiskWriteLatencyAutoMitigate')]" - }, - "autoResolve": { - "value": "[parameters('VMDataDiskWriteLatencyAutoResolve')]" - }, - "computersToInclude": { - "value": "[parameters('VMDataDiskWriteLatencyComputersToInclude')]" - }, - "operator": { - "value": "[parameters('VMDataDiskWriteLatencyOperator')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWTotalTime", - "policyDefinitionName": "Deploy_AG_ApplicationGatewayTotalTime_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWApplicationGatewayTotalTimeEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWApplicationGatewayTotalTimeWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWApplicationGatewayTotalTimeAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWApplicationGatewayTotalTimeAlertState')]" - }, - "effect": { - "value": "[parameters('AGWApplicationGatewayTotalTimePolicyEffect')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWApplicationGatewayTotalTimeAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWBackendLastByteResponseTime", - "policyDefinitionName": "Deploy_AG_BackendLastByteResponseTime_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWBackendLastByteResponseTimeEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWBackendLastByteResponseTimeWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWBackendLastByteResponseTimeAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWBackendLastByteResponseTimeAlertState')]" - }, - "effect": { - "value": "[parameters('AGWBackendLastByteResponseTimePolicyEffect')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWBackendLastByteResponseTimeAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWCapacityUnits", - "policyDefinitionName": "Deploy_AG_CapacityUnits_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWCapacityUnitsEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWCapacityUnitsWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWCapacityUnitsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWCapacityUnitsAlertState')]" - }, - "effect": { - "value": "[parameters('AGWCapacityUnitsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWComputeUnits", - "policyDefinitionName": "Deploy_AG_ComputeUnits_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWComputeUnitsEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWComputeUnitsWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWComputeUnitsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWComputeUnitsAlertState')]" - }, - "effect": { - "value": "[parameters('AGWComputeUnitsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWCPUUtilization", - "policyDefinitionName": "Deploy_AG_CPUUtilization_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWCPUUtilEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWCPUUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWCPUUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWCPUUtilAlertState')]" - }, - "effect": { - "value": "[parameters('AGWCPUUtilPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWFailedRequests", - "policyDefinitionName": "Deploy_AG_FailedRequests_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWFailedRequestsEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWFailedRequestsWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWFailedRequestsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWFailedRequestsAlertState')]" - }, - "effect": { - "value": "[parameters('AGWFailedRequestsPolicyEffect')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWFailedRequestsAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWResponseStatus", - "policyDefinitionName": "Deploy_AG_ResponseStatus_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWResponseStatusEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWResponseStatusWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWResponseStatusAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWResponseStatusAlertState')]" - }, - "effect": { - "value": "[parameters('AGWResponseStatusPolicyEffect')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWResponseStatusAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWUnhealthyHostCount", - "policyDefinitionName": "Deploy_AG_UnhealthyHostCount_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWUnhealthyHostCountEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('AGWUnhealthyHostCountWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWUnhealthyHostCountAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWUnhealthyHostCountAlertState')]" - }, - "effect": { - "value": "[parameters('AGWUnhealthyHostCountPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBDataPathAvailability", - "policyDefinitionName": "Deploy_ALB_DataPathAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBDataPathAvailabilityEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('LBDataPathAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('LBDataPathAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBDataPathAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('LBDataPathAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBGlobalBackendAvailability", - "policyDefinitionName": "Deploy_ALB_GlobalBackendAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBGlobalBackendAvailabilityEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('LBGlobalBackendAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('LBGlobalBackendAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBGlobalBackendAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('LBGlobalBackendAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBHealthProbeStatus", - "policyDefinitionName": "Deploy_ALB_HealthProbeStatus_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBHealthProbeStatusEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('LBHealthProbeStatusWindowSize')]" - }, - "severity": { - "value": "[parameters('LBHealthProbeStatusAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBHealthProbeStatusAlertState')]" - }, - "effect": { - "value": "[parameters('LBHealthProbeStatusPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBUsedSNATPorts", - "policyDefinitionName": "Deploy_ALB_UsedSNATPorts_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBUsedSNATPortsEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('LBUsedSNATPortsWindowSize')]" - }, - "severity": { - "value": "[parameters('LBUsedSNATPortsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBUsedSNATPortsAlertState')]" - }, - "effect": { - "value": "[parameters('LBUsedSNATPortsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPOriginHealthPercentage", - "policyDefinitionName": "Deploy_FrontDoorCDN_OriginHealthPercentage_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPOriginHealthPercentageEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('CDNPOriginHealthPercentageWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPOriginHealthPercentageAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPOriginHealthPercentageAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPOriginHealthPercentagePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPOriginLatency", - "policyDefinitionName": "Deploy_FrontDoorCDN_OriginLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPOriginLatencyEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('CDNPOriginLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPOriginLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPOriginLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPOriginLatencyPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPPercentage4XX", - "policyDefinitionName": "Deploy_FrontDoorCDN_Percentage4XX_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPPercentage4XXEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('CDNPPercentage4XXWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPPercentage4XXAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPPercentage4XXAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPPercentage4XXPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPPercentage5XX", - "policyDefinitionName": "Deploy_FrontDoorCDN_Percentage5XX_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPPercentage5XXEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('CDNPPercentage5XXWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPPercentage5XXAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPPercentage5XXAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPPercentage5XXPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_TMEndpointHealth", - "policyDefinitionName": "Deploy_TM_EndpointHealth_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('TMEndpointHealthEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('TMEndpointHealthWindowSize')]" - }, - "severity": { - "value": "[parameters('TMEndpointHealthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('TMEndpointHealthAlertState')]" - }, - "effect": { - "value": "[parameters('TMEndpointHealthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFCPUPercentage", - "policyDefinitionName": "Deploy_WSF_CPUPercentage_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFCPUPercentageEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('WSFCPUPercentageWindowSize')]" - }, - "severity": { - "value": "[parameters('WSFCPUPercentageAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('WSFCPUPercentageAlertState')]" - }, - "effect": { - "value": "[parameters('WSFCPUPercentagePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFMemoryPercentage", - "policyDefinitionName": "Deploy_WSF_MemoryPercentage_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFMemoryPercentageEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('WSFMemoryPercentageWindowSize')]" - }, - "severity": { - "value": "[parameters('WSFMemoryPercentageAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('WSFMemoryPercentageAlertState')]" - }, - "effect": { - "value": "[parameters('WSFMemoryPercentagePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFDiskQueueLength", - "policyDefinitionName": "Deploy_WSF_DiskQueueLength_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFDiskQueueLengthEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('WSFDiskQueueLengthWindowSize')]" - }, - "severity": { - "value": "[parameters('WSFDiskQueueLengthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('WSFDiskQueueLengthAlertState')]" - }, - "effect": { - "value": "[parameters('WSFDiskQueueLengthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFHttpQueueLength", - "policyDefinitionName": "Deploy_WSF_HttpQueueLength_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFHttpQueueLengthEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('WSFHttpQueueLengthWindowSize')]" - }, - "severity": { - "value": "[parameters('WSFHttpQueueLengthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('WSFHttpQueueLengthAlertState')]" - }, - "effect": { - "value": "[parameters('WSFHttpQueueLengthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_FDBackendHealth", - "policyDefinitionName": "Deploy_FD_BackendHealth_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('FDBackendHealthEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('FDBackendHealthWindowSize')]" - }, - "severity": { - "value": "[parameters('FDBackendHealthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('FDBackendHealthAlertState')]" - }, - "effect": { - "value": "[parameters('FDBackendHealthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_FDBackendRequestLatency", - "policyDefinitionName": "Deploy_FD_BackendRequestLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('FDBackendRequestLatencyEvaluationFrequency')]" - }, - "windowSize": { - "value": "[parameters('FDBackendRequestLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('FDBackendRequestLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('FDBackendRequestLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('FDBackendRequestLatencyPolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-loadbalancing.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-loadbalancing.jsonc deleted file mode 100644 index a2352b13..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-loadbalancing.jsonc +++ /dev/null @@ -1,2595 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-LoadBalancing", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Load Balancing", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Load Balancing Services such as Load Balancer, Application Gateway, Traffic Manager, and Azure Front Door.", - "metadata": { - "alzCloudEnvironments": [ - "AzureCloud" - ], - "_deployed_by_amba": true, - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "LBGlobalBackendAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Global Backend Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Data path Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "LB Global Backend Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBGlobalBackendAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Global Backend Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "displayName": "ALZ Monitoring disabled tag values(s)", - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "Array" - }, - "LBHealthProbeStatusEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Health Probe Status Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Global Backend Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "PIP VIP Availability Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBGlobalBackendAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Global Backend Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "displayName": "ALZ Monitoring disabled tag name", - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "String" - }, - "LBDatapathAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "0", - "metadata": { - "displayName": "LB Data path Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Packets In DDoS Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Data path Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "LB Used SNAT Ports Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Bytes In DDoS Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "VNET DDoS Attack Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBDatapathAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Data path Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "LB Health Probe Status Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "LBDatapathAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Data path Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP DDoS Attack Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "LBHealthProbeStatusPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Health Probe Status Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "PIP VIP Availability Alert Severity", - "description": "Severity of the alert for PIP VIP Availability" - }, - "type": "String" - }, - "PIPVIPAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PIP VIP Availability Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "LBHealthProbeStatusAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Health Probe Status Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPPacketsInDDoSAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PIP Packets In DDoS Alert Severity", - "description": "Severity of the alert for PIP Packets In DDoS" - }, - "type": "String" - }, - "LBHealthProbeStatusWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Health Probe Status Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "LB Used SNAT Ports Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "PIPPacketsInDDoSPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PIP Packets In DDoS Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "PIPVIPAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP VIP Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP VIP Availability Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "4", - "metadata": { - "displayName": "PIP Bytes In DDoS Alert Severity", - "description": "Severity of the alert for PIP Bytes In DDoS" - }, - "type": "String" - }, - "LBUsedSNATPortsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LB Used SNAT Ports Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "PIPVIPAvailabilityThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "PIP VIP Availability Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "VNET DDoS Attack Alert Severity", - "description": "Severity of the alert for VNET DDoS Attack" - }, - "type": "String" - }, - "PIPPacketsInDDoSWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Packets In DDoS Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "VNET DDoS Attack Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "PIPBytesInDDoSPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "PIP Bytes In DDoS Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "PIPDDoSAttackAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "PIP DDoS Attack Alert Severity", - "description": "Severity of the alert for PIP DDoS Attack" - }, - "type": "String" - }, - "PIPPacketsInDDoSAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP Packets In DDoS Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "PIP DDoS Attack Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist" - }, - "type": "string" - }, - "LBUsedSNATPortsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "LB Used SNAT Ports Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "LBUsedSNATPortsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "LB Used SNAT Ports Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPPacketsInDDoSThreshold": { - "defaultValue": "40000", - "metadata": { - "displayName": "PIP Packets In DDoS Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Total Time Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "VNET DDoS Attack Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "VNET DDoS Attack Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP Bytes In DDoS Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP Bytes In DDoS Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "PIP DDoS Attack Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "VNETDDOSAttackThreshold": { - "defaultValue": "1", - "metadata": { - "displayName": "VNET DDoS Attack Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PIPBytesInDDoSThreshold": { - "defaultValue": "8000000", - "metadata": { - "displayName": "PIP Bytes In DDoS Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "PIP DDoS Attack Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Total Time Dynamic Alert Sensitivity", - "description": "Dynamic Sensitivity of the alert" - }, - "type": "String" - }, - "AGWBackendLastByteResponseTimeAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Dynamic Alert Sensitivity", - "description": "Dynamic Severity of the alert" - }, - "type": "String" - }, - "CDNPOriginHealthPercentageEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Origin Health Percentage Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "PIPDDoSAttackThreshold": { - "defaultValue": "0", - "metadata": { - "displayName": "PIP DDoS Attack Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWApplicationGatewayTotalTimeAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Total Time Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWApplicationGatewayTotalTimePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Total Time Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "FDBackendRequestLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "FD Backend Request Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Total Time Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Total Time Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Unhealthy Host Count Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "CDNPOriginHealthPercentageAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Origin Health Percentage Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPOriginHealthPercentagePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "CDN Origin Health Percentage Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Percentage 5XX Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "CDNPOriginHealthPercentageAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Origin Health Percentage Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPOriginHealthPercentageWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Origin Health Percentage Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Origin Latency Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "CDN Percentage 4XX Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWResponseStatusEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Response Status Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWFailedRequestsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Failed Requests Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "FDBackendRequestLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "FD Backend Request Latency Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "TMEndpointHealthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "TM Enpoint Health Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Capacity Units Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "FDBackendRequestLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "FD Backend Request Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWComputeUnitsEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW Compute Units Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "FDBackendHealthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "FD Backend Health Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Unhealthy Host Count Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "FDBackendRequestLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "FD Backend Request Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Unhealthy Host Count Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWResponseStatusAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Response Status Dynamic Alert Sensitivity", - "description": "Dynamic Sensitivity of the alert" - }, - "type": "String" - }, - "FDBackendRequestLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "FD Backend Request Latency Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWFailedRequestsAlertSensitivity": { - "allowedValues": [ - "Low", - "Medium", - "High" - ], - "defaultValue": "Medium", - "metadata": { - "displayName": "AGW Failed Requests Dynamic Alert Sensitivity", - "description": "Dynamic Sensitivity of the alert" - }, - "type": "String" - }, - "AGWUnhealthyHostCountAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Unhealthy Host Count Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWUnhealthyHostCountWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Unhealthy Host Count Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 5XX Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPOriginLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Origin Latancy Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPPercentage4XXAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 4XX Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWFailedRequestsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Failed Requests Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWResponseStatusAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Response Status Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWFailedRequestsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Failed Requests Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWCPUUtilEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AGW CPU Util Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Capacity Units Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWResponseStatusPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Response Status Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "CDN Percentage 4XX Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "TMEndpointHealthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "TM Enpoint Health Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "CDNPPercentage5XXPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "CDN Percentage 5XX Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "disabled", - "metadata": { - "displayName": "CDN Origin Latency Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "FDBackendHealthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "FD Backend Health Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWComputeUnitsAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW Compute Units Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWCapacityUnitsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Capacity Units Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "TMEndpointHealthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "TM Enpoint Health Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWFailedRequestsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Failed Requests Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Origin Latency Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Percentage 4XX Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPPercentage4XXAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Percentage 4XX Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Percentage 5XX Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWResponseStatusAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Response Status Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "CDNPOriginLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "CDN Origin Latency Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "CDNPPercentage5XXAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "CDN Percentage 5XX Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWResponseStatusWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Response Status Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW Compute Units Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWFailedRequestsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Failed Requests Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "FDBackendHealthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "FD Backend Health Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Capacity Units Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "TMEndpointHealthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "TM Enpoint Health Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "TMEndpointHealthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "TM Enpoint Health Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWCapacityUnitsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Capacity Units Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "FDBackendHealthAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "FD Backend Health Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW Compute Units Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWComputeUnitsWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW Compute Units Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "FDBackendHealthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "FD Backend Health Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWCPUUtilAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AGW CPU Util Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AGWCPUUtilPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AGW CPU Util Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "AGWCPUUtilWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AGW CPU Util Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AGWCPUUtilAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AGW CPU Util Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Total Time Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "AGWApplicationGatewayTotalTimeEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Total Time Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "AGWBackendLastByteResponseTimeEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Backend Last Byte Response Time Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "AGWFailedRequestsFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Failed Requests Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "AGWFailedRequestsEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Failed Requests Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "AGWResponseStatusFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Response Status Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "string" - }, - "AGWResponseStatusEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "AGW Response Status Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "string" - }, - "CDNPOriginLatencyFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "CDN Origin Latency Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "String" - }, - "CDNPOriginLatencyEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "CDN Origin Latency Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "String" - }, - "CDNPPercentage4XXFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 4XX Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "String" - }, - "CDNPPercentage4XXEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 4XX Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "String" - }, - "CDNPPercentage5XXFailingPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 5XX Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "String" - }, - "CDNPPercentage5XXEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "displayName": "CDN Percentage 5XX Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "String" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_PIPBytesInDDoS", - "policyDefinitionName": "Deploy_PublicIp_BytesInDDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPBytesInDDoSEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPBytesInDDoSWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPBytesInDDoSAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPBytesInDDoSAlertState')]" - }, - "effect": { - "value": "[parameters('PIPBytesInDDoSPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPBytesInDDoSThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPDDoSAttack", - "policyDefinitionName": "Deploy_PublicIp_DDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPDDoSAttackEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPDDoSAttackWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPDDoSAttackAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPDDoSAttackAlertState')]" - }, - "effect": { - "value": "[parameters('PIPDDoSAttackPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPDDoSAttackThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPPacketsInDDoS", - "policyDefinitionName": "Deploy_PublicIp_PacketsInDDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPPacketsInDDoSEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPPacketsInDDoSWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPPacketsInDDoSAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPPacketsInDDoSAlertState')]" - }, - "effect": { - "value": "[parameters('PIPPacketsInDDoSPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPPacketsInDDoSThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_PIPVIPAvailability", - "policyDefinitionName": "Deploy_PublicIp_VIPAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('PIPVIPAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('PIPVIPAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('PIPVIPAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('PIPVIPAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('PIPVIPAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('PIPVIPAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VNETDDOSAttack", - "policyDefinitionName": "Deploy_VNET_DDoSAttack_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VNETDDOSAttackEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('VNETDDOSAttackWindowSize')]" - }, - "severity": { - "value": "[parameters('VNETDDOSAttackAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('VNETDDOSAttackAlertState')]" - }, - "effect": { - "value": "[parameters('VNETDDOSAttackPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('VNETDDOSAttackThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWTotalTime", - "policyDefinitionName": "Deploy_AG_ApplicationGatewayTotalTime_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWApplicationGatewayTotalTimeEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWApplicationGatewayTotalTimeWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWApplicationGatewayTotalTimeAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWApplicationGatewayTotalTimeAlertState')]" - }, - "effect": { - "value": "[parameters('AGWApplicationGatewayTotalTimePolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('AGWApplicationGatewayTotalTimeFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('AGWApplicationGatewayTotalTimeEvaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWApplicationGatewayTotalTimeAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWBackendLastByteResponseTime", - "policyDefinitionName": "Deploy_AG_BackendLastByteResponseTime_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWBackendLastByteResponseTimeEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWBackendLastByteResponseTimeWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWBackendLastByteResponseTimeAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWBackendLastByteResponseTimeAlertState')]" - }, - "effect": { - "value": "[parameters('AGWBackendLastByteResponseTimePolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('AGWBackendLastByteResponseTimeFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('AGWBackendLastByteResponseTimeEvaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWBackendLastByteResponseTimeAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWCapacityUnits", - "policyDefinitionName": "Deploy_AG_CapacityUnits_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWCapacityUnitsEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWCapacityUnitsWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWCapacityUnitsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWCapacityUnitsAlertState')]" - }, - "effect": { - "value": "[parameters('AGWCapacityUnitsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWComputeUnits", - "policyDefinitionName": "Deploy_AG_ComputeUnits_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWComputeUnitsEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWComputeUnitsWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWComputeUnitsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWComputeUnitsAlertState')]" - }, - "effect": { - "value": "[parameters('AGWComputeUnitsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWCPUUtilization", - "policyDefinitionName": "Deploy_AG_CPUUtilization_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWCPUUtilEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWCPUUtilWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWCPUUtilAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWCPUUtilAlertState')]" - }, - "effect": { - "value": "[parameters('AGWCPUUtilPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWFailedRequests", - "policyDefinitionName": "Deploy_AG_FailedRequests_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWFailedRequestsEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWFailedRequestsWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWFailedRequestsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWFailedRequestsAlertState')]" - }, - "effect": { - "value": "[parameters('AGWFailedRequestsPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('AGWFailedRequestsFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('AGWFailedRequestsEvaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWFailedRequestsAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWResponseStatus", - "policyDefinitionName": "Deploy_AG_ResponseStatus_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWResponseStatusEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWResponseStatusWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWResponseStatusAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWResponseStatusAlertState')]" - }, - "effect": { - "value": "[parameters('AGWResponseStatusPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('AGWResponseStatusFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('AGWResponseStatusEvaluationPeriods')]" - }, - "alertSensitivity": { - "value": "[parameters('AGWResponseStatusAlertSensitivity')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AGWUnhealthyHostCount", - "policyDefinitionName": "Deploy_AG_UnhealthyHostCount_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AGWUnhealthyHostCountEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AGWUnhealthyHostCountWindowSize')]" - }, - "severity": { - "value": "[parameters('AGWUnhealthyHostCountAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AGWUnhealthyHostCountAlertState')]" - }, - "effect": { - "value": "[parameters('AGWUnhealthyHostCountPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBDataPathAvailability", - "policyDefinitionName": "Deploy_ALB_DataPathAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBDataPathAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBDataPathAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('LBDataPathAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBDataPathAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('LBDataPathAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBGlobalBackendAvailability", - "policyDefinitionName": "Deploy_ALB_GlobalBackendAvailability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBGlobalBackendAvailabilityEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBGlobalBackendAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('LBGlobalBackendAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBGlobalBackendAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('LBGlobalBackendAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBHealthProbeStatus", - "policyDefinitionName": "Deploy_ALB_HealthProbeStatus_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBHealthProbeStatusEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBHealthProbeStatusWindowSize')]" - }, - "severity": { - "value": "[parameters('LBHealthProbeStatusAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBHealthProbeStatusAlertState')]" - }, - "effect": { - "value": "[parameters('LBHealthProbeStatusPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LBUsedSNATPorts", - "policyDefinitionName": "Deploy_ALB_UsedSNATPorts_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LBUsedSNATPortsEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LBUsedSNATPortsWindowSize')]" - }, - "severity": { - "value": "[parameters('LBUsedSNATPortsAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('LBUsedSNATPortsAlertState')]" - }, - "effect": { - "value": "[parameters('LBUsedSNATPortsPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPOriginHealthPercentage", - "policyDefinitionName": "Deploy_FrontDoorCDN_OriginHealthPercentage_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPOriginHealthPercentageEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('CDNPOriginHealthPercentageWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPOriginHealthPercentageAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPOriginHealthPercentageAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPOriginHealthPercentagePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPOriginLatency", - "policyDefinitionName": "Deploy_FrontDoorCDN_OriginLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPOriginLatencyEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('CDNPOriginLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPOriginLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPOriginLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPOriginLatencyPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('CDNPOriginLatencyFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('CDNPOriginLatencyEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPPercentage4XX", - "policyDefinitionName": "Deploy_FrontDoorCDN_Percentage4XX_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPPercentage4XXEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('CDNPPercentage4XXWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPPercentage4XXAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPPercentage4XXAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPPercentage4XXPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('CDNPPercentage4XXFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('CDNPPercentage4XXEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_CDNPPercentage5XX", - "policyDefinitionName": "Deploy_FrontDoorCDN_Percentage5XX_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('CDNPPercentage5XXEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('CDNPPercentage5XXWindowSize')]" - }, - "severity": { - "value": "[parameters('CDNPPercentage5XXAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('CDNPPercentage5XXAlertState')]" - }, - "effect": { - "value": "[parameters('CDNPPercentage5XXPolicyEffect')]" - }, - "failingPeriods": { - "value": "[parameters('CDNPPercentage5XXFailingPeriods')]" - }, - "evaluationperiods": { - "value": "[parameters('CDNPPercentage5XXEvaluationPeriods')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_TMEndpointHealth", - "policyDefinitionName": "Deploy_TM_EndpointHealth_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('TMEndpointHealthEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('TMEndpointHealthWindowSize')]" - }, - "severity": { - "value": "[parameters('TMEndpointHealthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('TMEndpointHealthAlertState')]" - }, - "effect": { - "value": "[parameters('TMEndpointHealthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_FDBackendHealth", - "policyDefinitionName": "Deploy_FD_BackendHealth_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('FDBackendHealthEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('FDBackendHealthWindowSize')]" - }, - "severity": { - "value": "[parameters('FDBackendHealthAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('FDBackendHealthAlertState')]" - }, - "effect": { - "value": "[parameters('FDBackendHealthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_FDBackendRequestLatency", - "policyDefinitionName": "Deploy_FD_BackendRequestLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('FDBackendRequestLatencyEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('FDBackendRequestLatencyWindowSize')]" - }, - "severity": { - "value": "[parameters('FDBackendRequestLatencyAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('FDBackendRequestLatencyAlertState')]" - }, - "effect": { - "value": "[parameters('FDBackendRequestLatencyPolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-management.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-management.jsonc deleted file mode 100644 index c50e0f86..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-management.jsonc +++ /dev/null @@ -1,685 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-Management", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Management", - "description": "Initiative to deploy AMBA alerts relevant to the ALZ Management management group", - "metadata": { - "alzCloudEnvironments": [ - "AzureCloud" - ], - "_deployed_by_amba": true, - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "displayName": "ALZ Monitoring Resource Group Location", - "description": "Location of the resource group" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "displayName": "ALZ Monitoring Resource Group Tags", - "description": "Tags to apply to the resource group" - }, - "type": "Object" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "displayName": "ALZ Monitoring Resource Group Name", - "description": "Name of the resource group to deploy the ALZ monitoring resources to" - }, - "type": "String" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "displayName": "ALZ Monitoring disabled tag values(s)", - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "displayName": "ALZ Monitoring disabled tag name", - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "String" - }, - "StorageAccountAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "displayName": "Storage Account Availability Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "StorageAccountAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Storage Account Availability Alert Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Storage Account Availability Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Storage Account Availability Alert Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "Storage Account Availability Alert Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "StorageAccountAvailabilityThreshold": { - "defaultValue": "90", - "metadata": { - "displayName": "Storage Account Availability Alert Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "RVBackupHealthMonitorPolicyEffect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "displayName": "RV Backup Health Monitor Policy Effect", - "description": "Policy effect for the alert, modify will create the alert if it does not exist and enable it on your Recovery Vaults, audit will only audit if alerting is enabled on Recovery Vaults, disabled will not create the alert on Recovery Vaults" - }, - "type": "string" - }, - "StorageAccountDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Storage Account Delete Alert Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert" - }, - "type": "string" - }, - "StorageAccountDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Storage Account Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "ALZUserAssignedManagedIdentityName": { - "defaultValue": "id-AMBA-ARG-Reader-001", - "metadata": { - "displayName": "Name of the user assigned managed identity to be created.", - "description": "The name of the user assigned managed identity to be created for monitoring purpose." - }, - "type": "string" - }, - "ALZManagementSubscriptionId": { - "defaultValue": "", - "metadata": { - "description": "The subscription ID of the management subscription where the user assigned managed identity will be created." - }, - "type": "string" - }, - "BYOUserAssignedManagedIdentityResourceId": { - "defaultValue": "", - "metadata": { - "displayName": "Customer defined User Assigned managed Identity resource Id.", - "description": "The resource Id of the user assigned managed identity provided by the customer." - }, - "type": "string" - }, - "AATotalJobAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "AA Total Job Alert Severity", - "description": "Severity of the alert" - }, - "type": "String" - }, - "AATotalJobAlertWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "displayName": "AA Total Job Alert Window Size", - "description": "Window size for the alert" - }, - "type": "string" - }, - "AATotalJobAlertEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "displayName": "AA Total Job Alert Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "string" - }, - "AATotalJobAlertPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "AA Total Job Alert Policy Effect", - "description": "Policy effect for the alert" - }, - "type": "string" - }, - "AATotalJobAlertAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "AA Total Job Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "AATotalJobAlertThreshold": { - "defaultValue": "20", - "metadata": { - "displayName": "AA Total Job Alert Threshold", - "description": "Threshold for the alert" - }, - "type": "string" - }, - "RVASRHealthMonitorPolicyEffect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "displayName": "Recovery Vault ASR Health Monitor Policy Effect", - "description": "Policy effect for the alert, modify will modify the alert if it exists, or audit if it does not exist" - }, - "type": "string" - }, - "activityLAWDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity Log Alert Delete Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert" - }, - "type": "string" - }, - "activityLAWDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity Log Alert Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "activityLAWKeyRegenPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "LAW Key Regen Alert Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert" - }, - "type": "string" - }, - "activityLAWKeyRegenAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity Log Alert Key Regen Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "LAWDailyCapLimitSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Severity", - "description": "Severity of the Alert" - }, - "type": "String" - }, - "LAWDailyCapLimitOperator": { - "allowedValues": [ - "GreaterThan", - "GreaterThanOrEqual" - ], - "defaultValue": "GreaterThan", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Operator" - }, - "type": "String" - }, - "LAWDailyCapLimitTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert TimeAggregation" - }, - "type": "String" - }, - "LAWDailyCapLimitWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT10M", - "PT15M", - "PT30M", - "PT45M", - "PT1H", - "PT2H", - "PT3H", - "PT4H", - "PT5H", - "PT6H", - "P1D" - ], - "defaultValue": "P1D", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Window Size", - "description": "Window size for the alert" - }, - "type": "String" - }, - "LAWDailyCapLimitEvaluationFrequency": { - "allowedValues": [ - "PT5M", - "PT10M", - "PT15M", - "PT30M", - "PT45M", - "PT1H", - "PT2H", - "PT3H", - "PT4H", - "PT5H", - "PT6H", - "P1D" - ], - "defaultValue": "PT1H", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Evaluation Frequency", - "description": "Evaluation frequency for the alert" - }, - "type": "String" - }, - "LAWDailyCapLimitAutoMitigate": { - "allowedValues": [ - "true", - "false" - ], - "defaultValue": "true", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Auto Mitigate", - "description": "Auto Mitigate for the alert" - }, - "type": "String" - }, - "LAWDailyCapLimitThreshold": { - "defaultValue": "0", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Threshold", - "description": "Threshold for the alert" - }, - "type": "String" - }, - "LAWDailyCapLimitFailingPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Failing Periods", - "description": "Number of failing periods before alert is fired" - }, - "type": "String" - }, - "LAWDailyCapLimitEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Evaluation Periods", - "description": "The number of aggregated lookback points." - }, - "type": "String" - }, - "LAWDailyCapLimitPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Log Analytics Workspace Daily Cap Limit Reached Alert Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert" - }, - "type": "string" - }, - "LAWDailyCapLimitAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "ALog Analytics Workspace Daily Cap Limit Reached Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_activityLAWDelete", - "policyDefinitionName": "Deploy_activitylog_LAWorkspace_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityLAWDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('activityLAWDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityLAWKeyRegen", - "policyDefinitionName": "Deploy_activitylog_LAWorkspace_KeyRegen", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityLAWKeyRegenAlertState')]" - }, - "effect": { - "value": "[parameters('activityLAWKeyRegenPolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_LAWorkspaceDailyCapLimitReached", - "policyDefinitionName": "Deploy_LAWorkspace_DailyCapLimitReached_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('LAWDailyCapLimitEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('LAWDailyCapLimitWindowSize')]" - }, - "severity": { - "value": "[parameters('LAWDailyCapLimitSeverity')]" - }, - "enabled": { - "value": "[parameters('LAWDailyCapLimitAlertState')]" - }, - "effect": { - "value": "[parameters('LAWDailyCapLimitPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('LAWDailyCapLimitThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('LAWDailyCapLimitFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('LAWDailyCapLimitEvaluationPeriods')]" - }, - "timeAggregation": { - "value": "[parameters('LAWDailyCapLimitTimeAggregation')]" - }, - "autoMitigate": { - "value": "[parameters('LAWDailyCapLimitAutoMitigate')]" - }, - "operator": { - "value": "[parameters('LAWDailyCapLimitOperator')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_AATotalJob", - "policyDefinitionName": "Deploy_AA_TotalJob_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('AATotalJobAlertEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('AATotalJobAlertWindowSize')]" - }, - "severity": { - "value": "[parameters('AATotalJobAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('AATotalJobAlertAlertState')]" - }, - "effect": { - "value": "[parameters('AATotalJobAlertPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('AATotalJobAlertThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_RVBackupHealth", - "policyDefinitionName": "Deploy_RecoveryVault_BackupHealthMonitor_Alert", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "effect": { - "value": "[parameters('RVBackupHealthMonitorPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_RVASRHealthMonitor", - "policyDefinitionName": "Deploy_RecoveryVault_ASRHealthMonitor_Alert", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "effect": { - "value": "[parameters('RVASRHealthMonitorPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_StorageAccountAvailability", - "policyDefinitionName": "Deploy_StorageAccount_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('StorageAccountAvailabilityFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "windowSize": { - "value": "[parameters('StorageAccountAvailabilityWindowSize')]" - }, - "severity": { - "value": "[parameters('StorageAccountAvailabilityAlertSeverity')]" - }, - "enabled": { - "value": "[parameters('StorageAccountAvailabilityAlertState')]" - }, - "effect": { - "value": "[parameters('StorageAccountAvailabilityPolicyEffect')]" - }, - "threshold": { - "value": "[parameters('StorageAccountAvailabilityThreshold')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activitySADelete", - "policyDefinitionName": "Deploy_activitylog_StorageAccount_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('StorageAccountDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('StorageAccountDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-networkchanges.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-networkchanges.jsonc deleted file mode 100644 index bc05067a..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-networkchanges.jsonc +++ /dev/null @@ -1,162 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-NetworkChanges", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Changes in Network Routing and Security", - "description": "This initiative implements Azure Monitor Baseline Alerts to monitor alterations in Network Routing and Security, such as modifications to Route Tables and the removal of Network Security Groups.", - "metadata": { - "alzCloudEnvironments": [ - "AzureCloud" - ], - "_deployed_by_amba": true, - "version": "1.0.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "displayName": "ALZ Monitor Resource Group Location", - "description": "Location of the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "displayName": "ALZ Monitor Resource Group Tags", - "description": "Tags for the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "Object" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "displayName": "ALZ Monitor Resource Group Name", - "description": "Name of the resource group where the ALZ Monitor resources will be deployed" - }, - "type": "String" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "displayName": "ALZ Monitoring disabled tag values(s)", - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "displayName": "ALZ Monitoring disabled tag name", - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled." - }, - "type": "String" - }, - "activityNSGDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity NSG Delete Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "activityUDRUpdateAlertState": { - "defaultValue": "true", - "metadata": { - "displayName": "Activity UDR Update Alert State", - "description": "Alert state for the alert" - }, - "type": "string" - }, - "activityNSGDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity NSG Delete Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - }, - "activityUDRUpdatePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "displayName": "Activity UDR Update Policy Effect", - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_activityNSGDelete", - "policyDefinitionName": "Deploy_activitylog_NSG_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityNSGDeleteAlertState')]" - }, - "effect": { - "value": "[parameters('activityNSGDeletePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activityUDRUpdate", - "policyDefinitionName": "Deploy_activitylog_RouteTable_Update", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('activityUDRUpdateAlertState')]" - }, - "effect": { - "value": "[parameters('activityUDRUpdatePolicyEffect')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-recoveryservices.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-recoveryservices.jsonc deleted file mode 100644 index cd04a7ac..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-recoveryservices.jsonc +++ /dev/null @@ -1,98 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-RecoveryServices", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Recovery Services", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Recovery Services such as Azure Backup, and Azure Site Recovery.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.1.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "RVBackupHealthMonitorPolicyEffect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "description": "Policy effect for the alert, modify will modify the alert if it exists, or audit if it does not exist", - "displayName": "Recovery Vault Backup Health Monitor Policy Effect" - }, - "type": "string" - }, - "RVASRHealthMonitorPolicyEffect": { - "allowedValues": [ - "modify", - "audit", - "disabled" - ], - "defaultValue": "modify", - "metadata": { - "description": "Policy effect for the alert, modify will modify the alert if it exists, or audit if it does not exist", - "displayName": "Recovery Vault ASR Health Monitor Policy Effect" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_RVBackupHealthMonitor", - "policyDefinitionName": "Deploy_RecoveryVault_BackupHealthMonitor_Alert", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "effect": { - "value": "[parameters('RVBackupHealthMonitorPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_RVASRHealthMonitor", - "policyDefinitionName": "Deploy_RecoveryVault_ASRHealthMonitor_Alert", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "effect": { - "value": "[parameters('RVASRHealthMonitorPolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-servicehealth.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-servicehealth.jsonc deleted file mode 100644 index 4a583b8d..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-servicehealth.jsonc +++ /dev/null @@ -1,461 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-ServiceHealth", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Service Health", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Service Health Events such as Service issues, Planned maintenance, Health advisories, Security advisories, and Resource health.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.5.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group to deploy the alerts to", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "description": "Tags to apply to the resource group", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "BYOAlertProcessingRule": { - "defaultValue": "", - "metadata": { - "description": "The Resource ID of an existing Alert Processing Rule already deployed by the customer in his environment", - "displayName": "Customer defined Alert Processing Rule Resource ID" - }, - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "defaultValue": "", - "metadata": { - "description": "Callback URL that triggers the Logic App", - "displayName": "Logic App Callback URL" - }, - "type": "String" - }, - "ALZLogicappResourceId": { - "defaultValue": "", - "metadata": { - "description": "Logic App Resource Id for Action Group to send alerts to", - "displayName": "Logic App Resource Id" - }, - "type": "String" - }, - "ALZFunctionResourceId": { - "defaultValue": "", - "metadata": { - "description": "Function Resource Id for Action Group to send alerts to", - "displayName": "Function Resource Id" - }, - "type": "String" - }, - "ALZFunctionTriggerUrl": { - "defaultValue": "", - "metadata": { - "description": "URL that triggers the Function App", - "displayName": "Function Trigger URL" - }, - "type": "String" - }, - "ALZEventHubResourceId": { - "defaultValue": [], - "metadata": { - "description": "Event Hub resource Ids for action group to send alerts to", - "displayName": "Event Hub resource Ids" - }, - "type": "array" - }, - "ALZWebhookServiceUri": { - "defaultValue": [], - "metadata": { - "description": "Indicates the service uri(s) of the webhook to send alerts to", - "displayName": "Webhook Service Uri(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "ALZArmRoleId": { - "defaultValue": [], - "metadata": { - "description": "Arm Built-in Role Ids for action group to send alerts to", - "displayName": "Arm Role Ids" - }, - "type": "array" - }, - "ResHlthUnhealthyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the Resource Health Unhealthy alert", - "displayName": "Resource Health Unhealthy Alert State" - }, - "type": "string" - }, - "ResHlthUnhealthyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Resource Health Unhealthy Alert Policy Effect" - }, - "type": "string" - }, - "SvcHlthAdvisoryAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the Service Health Advisory alert", - "displayName": "Service Health Advisory Alert State" - }, - "type": "string" - }, - "serviceHealthAdvisoryPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Service Health Advisory Alert Policy Effect" - }, - "type": "string" - }, - "SvcHlthIncidentAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the Service Health Incident alert", - "displayName": "Service Health Incident Alert State" - }, - "type": "string" - }, - "serviceHealthIncidentPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Service Health Incident Alert Policy Effect" - }, - "type": "string" - }, - "SvcHlthMaintenanceAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the Service Health Maintenance alert", - "displayName": "Service Health Maintenance Alert State" - }, - "type": "string" - }, - "serviceHealthMaintenancePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Service Health Maintenance Alert Policy Effect" - }, - "type": "string" - }, - "svcHlthSecAdvisoryAlertState": { - "defaultValue": "true", - "metadata": { - "description": "State of the Service Health Security Advisory alert", - "displayName": "Service Health Security Advisory Alert State" - }, - "type": "string" - }, - "serviceHealthSecurityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Service Health Security Advisory Alert Policy Effect" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_ServiceHealth_ActionGroups", - "policyDefinitionName": "Deploy_ServiceHealth_ActionGroups", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - }, - "ALZMonitorResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "ALZMonitorResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "BYOAlertProcessingRule": { - "value": "[parameters('BYOAlertProcessingRule')]" - }, - "ALZLogicappCallbackUrl": { - "value": "[parameters('ALZLogicappCallbackUrl')]" - }, - "ALZLogicappResourceId": { - "value": "[parameters('ALZLogicappResourceId')]" - }, - "ALZFunctionResourceId": { - "value": "[parameters('ALZFunctionResourceId')]" - }, - "ALZFunctionTriggerUrl": { - "value": "[parameters('ALZFunctionTriggerUrl')]" - }, - "ALZEventHubResourceId": { - "value": "[parameters('ALZEventHubResourceId')]" - }, - "ALZWebhookServiceUri": { - "value": "[parameters('ALZWebhookServiceUri')]" - }, - "ALZArmRoleId": { - "value": "[parameters('ALZArmRoleId')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_ResHlthUnhealthy", - "policyDefinitionName": "Deploy_activitylog_ResourceHealth_Unhealthy_Alert", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('ResHlthUnhealthyAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('ResHlthUnhealthyPolicyEffect')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_SvcHlthAdvisory", - "policyDefinitionName": "Deploy_activitylog_ServiceHealth_HealthAdvisory", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('SvcHlthAdvisoryAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('serviceHealthAdvisoryPolicyEffect')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_SvcHlthIncident", - "policyDefinitionName": "Deploy_activitylog_ServiceHealth_Incident", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('SvcHlthIncidentAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('serviceHealthIncidentPolicyEffect')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_SvcHlthMaintenance", - "policyDefinitionName": "Deploy_activitylog_ServiceHealth_Maintenance", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('SvcHlthMaintenanceAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('serviceHealthMaintenancePolicyEffect')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_svcHlthSecAdvisory", - "policyDefinitionName": "Deploy_activitylog_ServiceHealth_SecurityAdvisory", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('svcHlthSecAdvisoryAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('serviceHealthSecurityPolicyEffect')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-storage.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-storage.jsonc deleted file mode 100644 index d1dba7dd..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-storage.jsonc +++ /dev/null @@ -1,221 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-Storage", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Storage", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Storage Services such as Storage accounts.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "description": "Tags for the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Tags" - }, - "type": "Object" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "StorageAccountAvailabilityAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Storage Account Availability Alert State" - }, - "type": "string" - }, - "StorageAccountAvailabilityThreshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "Storage Account Availability Threshold" - }, - "type": "string" - }, - "StorageAccountDeletePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will create the alert if it does not exist, disabled will not create the alert", - "displayName": "Storage Account Delete Alert Policy Effect" - }, - "type": "string" - }, - "StorageAccountDeleteAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "Storage Account Delete Alert State" - }, - "type": "string" - }, - "StorageAccountAvailabilityAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for Storage Account Availability", - "displayName": "Storage Account Availability Alert Severity" - }, - "type": "String" - }, - "StorageAccountAvailabilityWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "Storage Account Availability Window Size" - }, - "type": "string" - }, - "StorageAccountAvailabilityFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "Storage Account Availability Evaluation Frequency" - }, - "type": "string" - }, - "StorageAccountAvailabilityPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "Storage Account Availability Policy Effect" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_StorageAccountAvailability", - "policyDefinitionName": "Deploy_StorageAccount_Availability_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('StorageAccountAvailabilityFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('StorageAccountAvailabilityWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('StorageAccountAvailabilityAlertState')]" - }, - "severity": { - "value": "[parameters('StorageAccountAvailabilityAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('StorageAccountAvailabilityThreshold')]" - }, - "effect": { - "value": "[parameters('StorageAccountAvailabilityPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_activitySADelete", - "policyDefinitionName": "Deploy_activitylog_StorageAccount_Delete", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('StorageAccountDeleteAlertState')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "effect": { - "value": "[parameters('StorageAccountDeletePolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-vm.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-vm.jsonc deleted file mode 100644 index 51ab8ccb..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-vm.jsonc +++ /dev/null @@ -1,2390 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-VM", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Virtual Machines", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Azure Virtual Machines.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Name" - }, - "type": "String" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "description": "Tags for the resource group where the ALZ Monitor resources will be deployed", - "displayName": "ALZ Monitor Resource Group Tags" - }, - "type": "Object" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "BYOUserAssignedManagedIdentityResourceId": { - "defaultValue": "", - "metadata": { - "description": "The resource Id of the user assigned managed identity provided by the customer.", - "displayName": "Customer defined User Assigned managed Identity resource Id." - }, - "type": "string" - }, - "ALZUserAssignedManagedIdentityName": { - "defaultValue": "id-AMBA-ARG-Reader-001", - "metadata": { - "description": "The name of the user assigned managed identity to be created for monitoring purpose.", - "displayName": "Name of the user assigned managed identity to be created." - }, - "type": "string" - }, - "ALZManagementSubscriptionId": { - "defaultValue": "", - "metadata": { - "description": "The subscription ID of the management subscription where the user assigned managed identity will be created." - }, - "type": "string" - }, - "VMHeartBeatRGAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "1", - "metadata": { - "description": "Severity of the alert for VM Heart Beat RG", - "displayName": "VM Heart Beat RG Alert Severity" - }, - "type": "String" - }, - "VMHeartBeatRGWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT6H", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Heart Beat RG Window Size" - }, - "type": "string" - }, - "VMHeartBeatRGEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Heart Beat RG Evaluation Frequency" - }, - "type": "string" - }, - "VMHeartBeatRGAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Heart Beat RG Auto Mitigate" - }, - "type": "string" - }, - "VMHeartBeatRGAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Heart Beat RG Auto Resolve" - }, - "type": "string" - }, - "VMHeartBeatRGAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Heart Beat RG Auto Resolve Time" - }, - "type": "string" - }, - "VMHeartBeatRGPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Heart Beat RG Policy Effect" - }, - "type": "string" - }, - "VMHeartBeatRGAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "VM Heart Beat RG Alert State" - }, - "type": "string" - }, - "VMHeartBeatRGThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Heart Beat RG Threshold" - }, - "type": "string" - }, - "VMHeartBeatRGOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Heart Beat RG Operator" - }, - "type": "string" - }, - "VMHeartBeatRGTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Heart Beat RG Time Aggregation" - }, - "type": "string" - }, - "VMHeartBeatRGComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM Heart Beat RG Computers To Include" - }, - "type": "array" - }, - "VMHeartBeatRGFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Heart Beat RG Failing Periods" - }, - "type": "string" - }, - "VMNetworkInAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Network In", - "displayName": "VM Network In Alert Severity" - }, - "type": "String" - }, - "VMNetworkInWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Network In Window Size" - }, - "type": "string" - }, - "VMNetworkInEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Network In Evaluation Frequency" - }, - "type": "string" - }, - "VMNetworkInAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Network In Auto Mitigate" - }, - "type": "string" - }, - "VMNetworkInAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Network In Auto Resolve" - }, - "type": "string" - }, - "VMNetworkInAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Network In Auto Resolve Time" - }, - "type": "string" - }, - "VMNetworkInPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Network In Policy Effect" - }, - "type": "string" - }, - "VMNetworkInAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "VM Network In Alert State" - }, - "type": "string" - }, - "VMNetworkInThreshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Network In Threshold" - }, - "type": "string" - }, - "VMNetworkInOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Network In Operator" - }, - "type": "string" - }, - "VMNetworkInTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Network In Time Aggregation" - }, - "type": "string" - }, - "VMNetworkInEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM Network In Evaluation Periods" - }, - "type": "string" - }, - "VMNetworkInFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Network In Failing Periods" - }, - "type": "string" - }, - "VMNetworkInComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM Network In Computers To Include" - }, - "type": "array" - }, - "VMNetworkOutAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Network Out", - "displayName": "VM Network Out Alert Severity" - }, - "type": "String" - }, - "VMNetworkOutWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Network Out Window Size" - }, - "type": "string" - }, - "VMNetworkOutEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Network Out Evaluation Frequency" - }, - "type": "string" - }, - "VMNetworkOutAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Network Out Auto Mitigate" - }, - "type": "string" - }, - "VMNetworkOutAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Network Out Auto Resolve" - }, - "type": "string" - }, - "VMNetworkOutAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Network Out Auto Resolve Time" - }, - "type": "string" - }, - "VMNetworkOutPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Network Out Policy Effect" - }, - "type": "string" - }, - "VMNetworkOutAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM Network Out Alert State" - }, - "type": "string" - }, - "VMNetworkOutThreshold": { - "defaultValue": "10000000", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Network Out Threshold" - }, - "type": "string" - }, - "VMNetworkOutOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Network Out Operator" - }, - "type": "string" - }, - "VMNetworkOutTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Network Out Time Aggregation" - }, - "type": "string" - }, - "VMNetworkOutEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM Network Out Evaluation Periods" - }, - "type": "string" - }, - "VMNetworkOutFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Network Out Failing Periods" - }, - "type": "string" - }, - "VMNetworkOutComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM Network Out Computers To Include" - }, - "type": "array" - }, - "VMOSDiskReadLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM OS Disk Read Latency", - "displayName": "VM OS Disk Read Latency Alert Severity" - }, - "type": "String" - }, - "VMOSDiskReadLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM OS Disk Read Latency Window Size" - }, - "type": "string" - }, - "VMOSDiskReadLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM OS Disk Read Latency Evaluation Frequency" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM OS Disk Read Latency Auto Mitigate" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM OS Disk Read Latency Auto Resolve" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM OS Disk Read Latency Auto Resolve Time" - }, - "type": "string" - }, - "VMOSDiskReadLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM OS Disk Read Latency Policy Effect" - }, - "type": "string" - }, - "VMOSDiskReadLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM OS Disk Read Latency Alert State" - }, - "type": "string" - }, - "VMOSDiskReadLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM OS Disk Read Latency Threshold" - }, - "type": "string" - }, - "VMOSDiskReadLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM OS Disk Read Latency Operator" - }, - "type": "string" - }, - "VMOSDiskReadLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM OS Disk Read Latency Time Aggregation" - }, - "type": "string" - }, - "VMOSDiskReadLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM OS Disk Read Latency Evaluation Periods" - }, - "type": "string" - }, - "VMOSDiskReadLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM OS Disk Read Latency Failing Periods" - }, - "type": "string" - }, - "VMOSDiskReadLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM OS Disk Read Latency Computers To Include" - }, - "type": "array" - }, - "VMOSDiskWriteLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM OS Disk Write Latency", - "displayName": "VM OS Disk Write Latency Alert Severity" - }, - "type": "String" - }, - "VMOSDiskWriteLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM OS Disk Write Latency Window Size" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM OS Disk Write Latency Evaluation Frequency" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM OS Disk Write Latency Auto Mitigate" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM OS Disk Write Latency Auto Resolve" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM OS Disk Write Latency Auto Resolve Time" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM OS Disk Write Latency Policy Effect" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM OS Disk Write Latency Alert State" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM OS Disk Write Latency Threshold" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM OS Disk Write Latency Operator" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM OS Disk Write Latency Time Aggregation" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM OS Disk Write Latency Evaluation Periods" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM OS Disk Write Latency Failing Periods" - }, - "type": "string" - }, - "VMOSDiskWriteLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM OS Disk Write Latency Computers To Include" - }, - "type": "array" - }, - "VMOSDiskSpaceAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM OS Disk Space", - "displayName": "VM OS Disk Space Alert Severity" - }, - "type": "String" - }, - "VMOSDiskSpaceWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM OS Disk Space Window Size" - }, - "type": "string" - }, - "VMOSDiskSpaceEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM OS Disk Space Evaluation Frequency" - }, - "type": "string" - }, - "VMOSDiskSpaceAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM OS Disk Space Auto Mitigate" - }, - "type": "string" - }, - "VMOSDiskSpaceAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM OS Disk Space Auto Resolve" - }, - "type": "string" - }, - "VMOSDiskSpaceAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM OS Disk Space Auto Resolve Time" - }, - "type": "string" - }, - "VMOSDiskSpacePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM OS Disk Space Policy Effect" - }, - "type": "string" - }, - "VMOSDiskSpaceAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM OS Disk Space Alert State" - }, - "type": "string" - }, - "VMOSDiskSpaceThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM OS Disk Space Threshold" - }, - "type": "string" - }, - "VMOSDiskSpaceOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM OS Disk Space Operator" - }, - "type": "string" - }, - "VMOSDiskSpaceTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM OS Disk Space Time Aggregation" - }, - "type": "string" - }, - "VMOSDiskSpaceEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM OS Disk Space Evaluation Periods" - }, - "type": "string" - }, - "VMOSDiskSpaceFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM OS Disk Space Failing Periods" - }, - "type": "string" - }, - "VMOSDiskSpaceComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM OS Disk Space Computers To Include" - }, - "type": "array" - }, - "VMPercentCPUAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Percent CPU", - "displayName": "VM Percent CPU Alert Severity" - }, - "type": "String" - }, - "VMPercentCPUWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Percent CPU Window Size" - }, - "type": "string" - }, - "VMPercentCPUEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Percent CPU Evaluation Frequency" - }, - "type": "string" - }, - "VMPercentCPUAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Percent CPU Auto Mitigate" - }, - "type": "string" - }, - "VMPercentCPUAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Percent CPU Auto Resolve" - }, - "type": "string" - }, - "VMPercentCPUAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Percent CPU Auto Resolve Time" - }, - "type": "string" - }, - "VMPercentCPUPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Percent CPU Policy Effect" - }, - "type": "string" - }, - "VMPercentCPUAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM Percent CPU Alert State" - }, - "type": "string" - }, - "VMPercentCPUThreshold": { - "defaultValue": "85", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Percent CPU Threshold" - }, - "type": "string" - }, - "VMPercentCPUOperator": { - "allowedValues": [ - "Equals", - "GreaterThan", - "GreaterThanOrEqual", - "LessThan", - "LessThanOrEqual" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Percent CPU Operator" - }, - "type": "string" - }, - "VMPercentCPUTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Percent CPU Time Aggregation" - }, - "type": "string" - }, - "VMPercentCPUFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Percent CPU Failing Periods" - }, - "type": "string" - }, - "VMPercentMemoryAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Percent Memory", - "displayName": "VM Percent Memory Alert Severity" - }, - "type": "String" - }, - "VMPercentMemoryWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Percent Memory Window Size" - }, - "type": "string" - }, - "VMPercentMemoryEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Percent Memory Evaluation Frequency" - }, - "type": "string" - }, - "VMPercentMemoryAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Percent Memory Auto Mitigate" - }, - "type": "string" - }, - "VMPercentMemoryAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Percent Memory Auto Resolve" - }, - "type": "string" - }, - "VMPercentMemoryAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Percent Memory Auto Resolve Time" - }, - "type": "string" - }, - "VMPercentMemoryPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Percent Memory Policy Effect" - }, - "type": "string" - }, - "VMPercentMemoryAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM Percent Memory Alert State" - }, - "type": "string" - }, - "VMPercentMemoryThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Percent Memory Threshold" - }, - "type": "string" - }, - "VMPercentMemoryOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Percent Memory Operator" - }, - "type": "string" - }, - "VMPercentMemoryTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Percent Memory Time Aggregation" - }, - "type": "string" - }, - "VMPercentMemoryFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Percent Memory Failing Periods" - }, - "type": "string" - }, - "VMDataDiskSpaceAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Data Disk Space", - "displayName": "VM Data Disk Space Alert Severity" - }, - "type": "String" - }, - "VMDataDiskSpaceWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Data Disk Space Window Size" - }, - "type": "string" - }, - "VMDataDiskSpaceEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Data Disk Space Evaluation Frequency" - }, - "type": "string" - }, - "VMDataDiskSpaceAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Data Disk Space Auto Mitigate" - }, - "type": "string" - }, - "VMDataDiskSpaceAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Data Disk Space Auto Resolve" - }, - "type": "string" - }, - "VMDataDiskSpaceAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Data Disk Space Auto Resolve Time" - }, - "type": "string" - }, - "VMDataDiskSpacePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Data Disk Space Policy Effect" - }, - "type": "string" - }, - "VMDataDiskSpaceAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM Data Disk Space Alert State" - }, - "type": "string" - }, - "VMDataDiskSpaceThreshold": { - "defaultValue": "10", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Data Disk Space Threshold" - }, - "type": "string" - }, - "VMDataDiskSpaceOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Data Disk Space Operator" - }, - "type": "string" - }, - "VMDataDiskSpaceTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Data Disk Space Time Aggregation" - }, - "type": "string" - }, - "VMDataDiskSpaceEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM Data Disk Space Evaluation Periods" - }, - "type": "string" - }, - "VMDataDiskSpaceFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Data Disk Space Failing Periods" - }, - "type": "string" - }, - "VMDataDiskSpaceComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM Data Disk Space Computers To Include" - }, - "type": "array" - }, - "VMDataDiskReadLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Data Disk Read Latency", - "displayName": "VM Data Disk Read Latency Alert Severity" - }, - "type": "String" - }, - "VMDataDiskReadLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Data Disk Read Latency Window Size" - }, - "type": "string" - }, - "VMDataDiskReadLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Data Disk Read Latency Evaluation Frequency" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Data Disk Read Latency Auto Mitigate" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Data Disk Read Latency Auto Resolve" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Data Disk Read Latency Auto Resolve Time" - }, - "type": "string" - }, - "VMDataDiskReadLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Data Disk Read Latency Policy Effect" - }, - "type": "string" - }, - "VMDataDiskReadLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM Data Disk Read Latency Alert State" - }, - "type": "string" - }, - "VMDataDiskReadLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Data Disk Read Latency Threshold" - }, - "type": "string" - }, - "VMDataDiskReadLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Data Disk Read Latency Operator" - }, - "type": "string" - }, - "VMDataDiskReadLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Data Disk Read Latency Time Aggregation" - }, - "type": "string" - }, - "VMDataDiskReadLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM Data Disk Read Latency Evaluation Periods" - }, - "type": "string" - }, - "VMDataDiskReadLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Data Disk Read Latency Failing Periods" - }, - "type": "string" - }, - "VMDataDiskReadLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM Data Disk Read Latency Computers To Include" - }, - "type": "array" - }, - "VMDataDiskWriteLatencyAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert for VM Data Disk Write Latency", - "displayName": "VM Data Disk Write Latency Alert Severity" - }, - "type": "String" - }, - "VMDataDiskWriteLatencyWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT15M", - "metadata": { - "description": "Window size for the alert", - "displayName": "VM Data Disk Write Latency Window Size" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "VM Data Disk Write Latency Evaluation Frequency" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAutoMitigate": { - "defaultValue": "true", - "metadata": { - "description": "Auto Mitigate for the alert", - "displayName": "VM Data Disk Write Latency Auto Mitigate" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAutoResolve": { - "defaultValue": "true", - "metadata": { - "description": "Auto Resolve for the alert", - "displayName": "VM Data Disk Write Latency Auto Resolve" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAutoResolveTime": { - "defaultValue": "00:10:00", - "metadata": { - "description": "Auto Resolve Time for the alert", - "displayName": "VM Data Disk Write Latency Auto Resolve Time" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist", - "displayName": "VM Data Disk Write Latency Policy Effect" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert, true will enable the alert, false will disable the alert", - "displayName": "VM Data Disk Write Latency Alert State" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyThreshold": { - "defaultValue": "30", - "metadata": { - "description": "Threshold for the alert", - "displayName": "VM Data Disk Write Latency Threshold" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyOperator": { - "allowedValues": [ - "GreaterThan" - ], - "defaultValue": "GreaterThan", - "metadata": { - "description": "Operator for the alert", - "displayName": "VM Data Disk Write Latency Operator" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyTimeAggregation": { - "allowedValues": [ - "Count" - ], - "defaultValue": "Count", - "metadata": { - "description": "Time Aggregation for the alert", - "displayName": "VM Data Disk Write Latency Time Aggregation" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyEvaluationPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Evaluation Periods for the alert", - "displayName": "VM Data Disk Write Latency Evaluation Periods" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyFailingPeriods": { - "defaultValue": "1", - "metadata": { - "description": "Failing Periods for the alert", - "displayName": "VM Data Disk Write Latency Failing Periods" - }, - "type": "string" - }, - "VMDataDiskWriteLatencyComputersToInclude": { - "defaultValue": [ - "*" - ], - "metadata": { - "description": "Computers To Include for the alert", - "displayName": "VM Data Disk Write Latency Computers To Include" - }, - "type": "array" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_VMHeartBeatRG", - "policyDefinitionName": "Deploy_VM_HeartBeat_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMHeartBeatRGEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMHeartBeatRGAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMHeartBeatRGWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMHeartBeatRGAlertState')]" - }, - "severity": { - "value": "[parameters('VMHeartBeatRGAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMHeartBeatRGThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMHeartBeatRGFailingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMHeartBeatRGTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMHeartBeatRGOperator')]" - }, - "effect": { - "value": "[parameters('VMHeartBeatRGPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMHeartBeatRGAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMHeartBeatRGComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMHeartBeatRGAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMNetworkIn", - "policyDefinitionName": "Deploy_VM_NetworkIn_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMNetworkInEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMNetworkInAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMNetworkInWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMNetworkInAlertState')]" - }, - "severity": { - "value": "[parameters('VMNetworkInAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMNetworkInThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMNetworkInFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMNetworkInEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMNetworkInTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMNetworkInOperator')]" - }, - "effect": { - "value": "[parameters('VMNetworkInPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMNetworkInAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMNetworkInComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMNetworkInAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMNetworkOut", - "policyDefinitionName": "Deploy_VM_NetworkOut_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMNetworkOutEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMNetworkOutAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMNetworkOutWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMNetworkOutAlertState')]" - }, - "severity": { - "value": "[parameters('VMNetworkOutAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMNetworkOutThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMNetworkOutFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMNetworkOutEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMNetworkOutTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMNetworkOutOperator')]" - }, - "effect": { - "value": "[parameters('VMNetworkOutPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMNetworkOutAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMNetworkOutComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMNetworkOutAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMOSDiskReadLatency", - "policyDefinitionName": "Deploy_VM_OSDiskreadLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMOSDiskReadLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMOSDiskReadLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMOSDiskReadLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMOSDiskReadLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('VMOSDiskReadLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMOSDiskReadLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMOSDiskReadLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMOSDiskReadLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMOSDiskReadLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMOSDiskReadLatencyOperator')]" - }, - "effect": { - "value": "[parameters('VMOSDiskReadLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMOSDiskReadLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMOSDiskReadLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMOSDiskReadLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMOSDiskWriteLatency", - "policyDefinitionName": "Deploy_VM_OSDiskwriteLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMOSDiskWriteLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMOSDiskWriteLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMOSDiskWriteLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMOSDiskWriteLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('VMOSDiskWriteLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMOSDiskWriteLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMOSDiskWriteLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMOSDiskWriteLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMOSDiskWriteLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMOSDiskWriteLatencyOperator')]" - }, - "effect": { - "value": "[parameters('VMOSDiskWriteLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMOSDiskWriteLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMOSDiskWriteLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMOSDiskWriteLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMOSDiskSpace", - "policyDefinitionName": "Deploy_VM_OSDiskSpace_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMOSDiskSpaceEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMOSDiskSpaceAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMOSDiskSpaceWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMOSDiskSpaceAlertState')]" - }, - "severity": { - "value": "[parameters('VMOSDiskSpaceAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMOSDiskSpaceThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMOSDiskSpaceFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMOSDiskSpaceEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMOSDiskSpaceTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMOSDiskSpaceOperator')]" - }, - "effect": { - "value": "[parameters('VMOSDiskSpacePolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMOSDiskSpaceAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMOSDiskSpaceComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMOSDiskSpaceAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMPercentCPU", - "policyDefinitionName": "Deploy_VM_CPU_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMPercentCPUEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMPercentCPUAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMPercentCPUWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMPercentCPUAlertState')]" - }, - "severity": { - "value": "[parameters('VMPercentCPUAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMPercentCPUThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMPercentCPUFailingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMPercentCPUTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMPercentCPUOperator')]" - }, - "effect": { - "value": "[parameters('VMPercentCPUPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMPercentCPUAutoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('VMPercentCPUAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMPercentMemory", - "policyDefinitionName": "Deploy_VM_Memory_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMPercentMemoryEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMPercentMemoryAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMPercentMemoryWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMPercentMemoryAlertState')]" - }, - "severity": { - "value": "[parameters('VMPercentMemoryAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMPercentMemoryThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMPercentMemoryFailingPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMPercentMemoryTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMPercentMemoryOperator')]" - }, - "effect": { - "value": "[parameters('VMPercentMemoryPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMPercentMemoryAutoResolveTime')]" - }, - "autoResolve": { - "value": "[parameters('VMPercentMemoryAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMDataDiskSpace", - "policyDefinitionName": "Deploy_VM_dataDiskSpace_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMDataDiskSpaceEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMDataDiskSpaceAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMDataDiskSpaceWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMDataDiskSpaceAlertState')]" - }, - "severity": { - "value": "[parameters('VMDataDiskSpaceAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMDataDiskSpaceThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMDataDiskSpaceFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMDataDiskSpaceEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMDataDiskSpaceTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMDataDiskSpaceOperator')]" - }, - "effect": { - "value": "[parameters('VMDataDiskSpacePolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMDataDiskSpaceAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMDataDiskSpaceComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMDataDiskSpaceAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMDataDiskReadLatency", - "policyDefinitionName": "Deploy_VM_dataDiskReadLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMDataDiskReadLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMDataDiskReadLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMDataDiskReadLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMDataDiskReadLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('VMDataDiskReadLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMDataDiskReadLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMDataDiskReadLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMDataDiskReadLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMDataDiskReadLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMDataDiskReadLatencyOperator')]" - }, - "effect": { - "value": "[parameters('VMDataDiskReadLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMDataDiskReadLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMDataDiskReadLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMDataDiskReadLatencyAutoResolve')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_VMDataDiskWriteLatency", - "policyDefinitionName": "Deploy_VM_dataDiskWriteLatency_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('VMDataDiskWriteLatencyEvaluationFrequency')]" - }, - "autoMitigate": { - "value": "[parameters('VMDataDiskWriteLatencyAutoMitigate')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "alertResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "alertResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "windowSize": { - "value": "[parameters('VMDataDiskWriteLatencyWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('VMDataDiskWriteLatencyAlertState')]" - }, - "severity": { - "value": "[parameters('VMDataDiskWriteLatencyAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('VMDataDiskWriteLatencyThreshold')]" - }, - "failingPeriods": { - "value": "[parameters('VMDataDiskWriteLatencyFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('VMDataDiskWriteLatencyEvaluationPeriods')]" - }, - "alertResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "timeAggregation": { - "value": "[parameters('VMDataDiskWriteLatencyTimeAggregation')]" - }, - "UAMIResourceId": { - "value": "[if(empty(parameters('BYOUserAssignedManagedIdentityResourceId')), concat('/subscriptions/', parameters('ALZManagementSubscriptionId'), '/resourceGroups/', parameters('ALZMonitorResourceGroupName'), '/providers/Microsoft.ManagedIdentity/userAssignedIdentities/', parameters('ALZUserAssignedManagedIdentityName')),parameters('BYOUserAssignedManagedIdentityResourceId'))]" - }, - "operator": { - "value": "[parameters('VMDataDiskWriteLatencyOperator')]" - }, - "effect": { - "value": "[parameters('VMDataDiskWriteLatencyPolicyEffect')]" - }, - "autoResolveTime": { - "value": "[parameters('VMDataDiskWriteLatencyAutoResolveTime')]" - }, - "computersToInclude": { - "value": "[parameters('VMDataDiskWriteLatencyComputersToInclude')]" - }, - "autoResolve": { - "value": "[parameters('VMDataDiskWriteLatencyAutoResolve')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/alerting-web.jsonc b/Definitions/policySetDefinitions/Monitoring/alerting-web.jsonc deleted file mode 100644 index 2a1369c9..00000000 --- a/Definitions/policySetDefinitions/Monitoring/alerting-web.jsonc +++ /dev/null @@ -1,488 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Alerting-Web", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts for Web", - "description": "This initiative deploys Azure Monitor Baseline Alerts to monitor Web Services such as App Services.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.0.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "WSFCPUPercentageAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert", - "displayName": "WSF CPU Percentage Alert Severity" - }, - "type": "String" - }, - "WSFCPUPercentageWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "WSF CPU Percentage Window Size" - }, - "type": "string" - }, - "WSFCPUPercentageEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "WSF CPU Percentage Evaluation Frequency" - }, - "type": "string" - }, - "WSFCPUPercentagePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "WSF CPU Percentage Policy Effect" - }, - "type": "string" - }, - "WSFCPUPercentageAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "WSF CPU Percentage Alert State" - }, - "type": "string" - }, - "WSFCPUPercentageThreshold": { - "defaultValue": "90", - "metadata": { - "description": "Threshold for the alert", - "displayName": "WSF CPU Percentage Threshold" - }, - "type": "string" - }, - "WSFMemoryPercentageAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert", - "displayName": "WSF Memory Percentage Alert Severity" - }, - "type": "String" - }, - "WSFMemoryPercentageWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "WSF Memory Percentage Window Size" - }, - "type": "string" - }, - "WSFMemoryPercentageEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "WSF Memory Percentage Evaluation Frequency" - }, - "type": "string" - }, - "WSFMemoryPercentagePolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "WSF Memory Percentage Policy Effect" - }, - "type": "string" - }, - "WSFMemoryPercentageAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "WSF Memory Percentage Alert State" - }, - "type": "string" - }, - "WSFMemoryPercentageThreshold": { - "defaultValue": "85", - "metadata": { - "description": "Threshold for the alert", - "displayName": "WSF Memory Percentage Threshold" - }, - "type": "string" - }, - "WSFDiskQueueLengthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert", - "displayName": "WSF Disk Queue Lenght Alert Severity" - }, - "type": "String" - }, - "WSFDiskQueueLengthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "WSF Disk Queue Lenght Window Size" - }, - "type": "string" - }, - "WSFDiskQueueLengthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "WSF Disk Queue Lenght Evaluation Frequency" - }, - "type": "string" - }, - "WSFDiskQueueLengthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "WSF Disk Queue Lenght Policy Effect" - }, - "type": "string" - }, - "WSFDiskQueueLengthAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "WSF Disk Queue Lenght Alert State" - }, - "type": "string" - }, - "WSFDiskQueueLengthFailingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "WSF Disk Queue Lenght Failing Periods" - }, - "type": "string" - }, - "WSFDiskQueueLengthEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "WSF Disk Queue Lenght Evaluation Periods" - }, - "type": "string" - }, - "WSFHttpQueueLengthAlertSeverity": { - "allowedValues": [ - "0", - "1", - "2", - "3", - "4" - ], - "defaultValue": "2", - "metadata": { - "description": "Severity of the alert", - "displayName": "WSF HTTP Queue Lenght Alert Severity" - }, - "type": "String" - }, - "WSFHttpQueueLengthWindowSize": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H", - "PT6H", - "PT12H", - "P1D" - ], - "defaultValue": "PT5M", - "metadata": { - "description": "Window size for the alert", - "displayName": "WSF HTTP Queue Lenght Window Size" - }, - "type": "string" - }, - "WSFHttpQueueLengthEvaluationFrequency": { - "allowedValues": [ - "PT1M", - "PT5M", - "PT15M", - "PT30M", - "PT1H" - ], - "defaultValue": "PT1M", - "metadata": { - "description": "Evaluation frequency for the alert", - "displayName": "WSF HTTP Queue Lenght Evaluation Frequency" - }, - "type": "string" - }, - "WSFHttpQueueLengthPolicyEffect": { - "allowedValues": [ - "deployIfNotExists", - "disabled" - ], - "defaultValue": "deployIfNotExists", - "metadata": { - "description": "Policy effect for the alert, deployIfNotExists will deploy the alert if it does not exist, disabled will not deploy the alert", - "displayName": "WSF HTTP Queue Lenght Policy Effect" - }, - "type": "string" - }, - "WSFHttpQueueLengthAlertState": { - "defaultValue": "true", - "metadata": { - "description": "Alert state for the alert", - "displayName": "WSF HTTP Queue Lenght Alert State" - }, - "type": "string" - }, - "WSFHttpQueueLengthFailingPeriods": { - "defaultValue": "2", - "metadata": { - "description": "Number of failing periods before alert is fired", - "displayName": "WSF HTTP Queue Lenght Failing Periods" - }, - "type": "string" - }, - "WSFHttpQueueLengthEvaluationPeriods": { - "defaultValue": "2", - "metadata": { - "description": "The number of aggregated lookback points.", - "displayName": "WSF HTTP Queue Lenght Evaluation Periods" - }, - "type": "string" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_WSFCPUPercentage", - "policyDefinitionName": "Deploy_WSF_CPUPercentage_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFCPUPercentageEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('WSFCPUPercentageWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('WSFCPUPercentageAlertState')]" - }, - "severity": { - "value": "[parameters('WSFCPUPercentageAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('WSFCPUPercentageThreshold')]" - }, - "effect": { - "value": "[parameters('WSFCPUPercentagePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFMemoryPercentage", - "policyDefinitionName": "Deploy_WSF_MemoryPercentage_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFMemoryPercentageEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('WSFMemoryPercentageWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('WSFMemoryPercentageAlertState')]" - }, - "severity": { - "value": "[parameters('WSFMemoryPercentageAlertSeverity')]" - }, - "threshold": { - "value": "[parameters('WSFMemoryPercentageThreshold')]" - }, - "effect": { - "value": "[parameters('WSFMemoryPercentagePolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFDiskQueueLength", - "policyDefinitionName": "Deploy_WSF_DiskQueueLength_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFDiskQueueLengthEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('WSFDiskQueueLengthWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('WSFDiskQueueLengthAlertState')]" - }, - "severity": { - "value": "[parameters('WSFDiskQueueLengthAlertSeverity')]" - }, - "failingPeriods": { - "value": "[parameters('WSFDiskQueueLengthFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('WSFDiskQueueLengthEvaluationPeriods')]" - }, - "effect": { - "value": "[parameters('WSFDiskQueueLengthPolicyEffect')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_WSFHttpQueueLength", - "policyDefinitionName": "Deploy_WSF_HttpQueueLength_Alert", - "parameters": { - "evaluationFrequency": { - "value": "[parameters('WSFHttpQueueLengthEvaluationFrequency')]" - }, - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "windowSize": { - "value": "[parameters('WSFHttpQueueLengthWindowSize')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "enabled": { - "value": "[parameters('WSFHttpQueueLengthAlertState')]" - }, - "severity": { - "value": "[parameters('WSFHttpQueueLengthAlertSeverity')]" - }, - "failingPeriods": { - "value": "[parameters('WSFHttpQueueLengthFailingPeriods')]" - }, - "evaluationPeriods": { - "value": "[parameters('WSFHttpQueueLengthEvaluationPeriods')]" - }, - "effect": { - "value": "[parameters('WSFHttpQueueLengthPolicyEffect')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/Definitions/policySetDefinitions/Monitoring/notification-assets.jsonc b/Definitions/policySetDefinitions/Monitoring/notification-assets.jsonc deleted file mode 100644 index 4a351dda..00000000 --- a/Definitions/policySetDefinitions/Monitoring/notification-assets.jsonc +++ /dev/null @@ -1,220 +0,0 @@ -{ - "$schema": "https://raw.githubusercontent.com/Azure/enterprise-azure-policy-as-code/main/Schemas/policy-set-definition-schema.json", - "name": "Notification-Assets", - "properties": { - "displayName": "Deploy Azure Monitor Baseline Alerts - Notification Assets", - "description": "This initiative deploys Notification Assets for Azure Monitor Baseline Alerts. This includes the setup of an Alert Processing Rule and an Action Group to manage notifications and actions, along with a Notification Suppression Rule to manage alert notifications, as well as a Notification Suppression Rule to control alert notifications.", - "metadata": { - "_deployed_by_amba": true, - "alzCloudEnvironments": [ - "AzureCloud" - ], - "version": "1.3.0", - "category": "Monitoring", - "source": "https://github.com/Azure/azure-monitor-baseline-alerts/" - }, - "parameters": { - "ALZMonitorActionGroupEmail": { - "defaultValue": [], - "metadata": { - "description": "Email addresses to send alerts to", - "displayName": "Action Group Email Addresses" - }, - "type": "Array" - }, - "ALZMonitorResourceGroupName": { - "defaultValue": "ALZ-Monitoring-RG", - "metadata": { - "description": "Name of the resource group to deploy the alerts to", - "displayName": "Resource Group Name" - }, - "type": "String" - }, - "BYOActionGroup": { - "defaultValue": [], - "metadata": { - "description": "The Resource IDs of existing Action Groups currently deployed in the environment.", - "displayName": "Customer defined Action Group Resource IDs" - }, - "type": "array" - }, - "ALZMonitorResourceGroupLocation": { - "defaultValue": "centralus", - "metadata": { - "description": "Location of the resource group", - "displayName": "Resource Group Location" - }, - "type": "String" - }, - "ALZMonitorResourceGroupTags": { - "defaultValue": { - "_deployed_by_alz_monitor": true - }, - "metadata": { - "description": "Tags to apply to the resource group", - "displayName": "Resource Group Tags" - }, - "type": "Object" - }, - "BYOAlertProcessingRule": { - "defaultValue": "", - "metadata": { - "description": "The Resource ID of an existing Alert Processing Rule already deployed by the customer in his environment", - "displayName": "Customer defined Alert Processing Rule Resource ID" - }, - "type": "String" - }, - "ALZLogicappCallbackUrl": { - "defaultValue": "", - "metadata": { - "description": "Callback URL that triggers the Logic App", - "displayName": "Logic App Callback URL" - }, - "type": "String" - }, - "ALZLogicappResourceId": { - "defaultValue": "", - "metadata": { - "description": "Logic App Resource Id for Action Group to send alerts to", - "displayName": "Logic App Resource Id" - }, - "type": "String" - }, - "ALZFunctionResourceId": { - "defaultValue": "", - "metadata": { - "description": "Function Resource Id for Action Group to send alerts to", - "displayName": "Function Resource Id" - }, - "type": "String" - }, - "ALZFunctionTriggerUrl": { - "defaultValue": "", - "metadata": { - "description": "URL that triggers the Function", - "displayName": "Function Trigger URL" - }, - "type": "String" - }, - "ALZEventHubResourceId": { - "defaultValue": [], - "metadata": { - "description": "Event Hub resource Ids for action group to send alerts to", - "displayName": "Event Hub resource Ids" - }, - "type": "array" - }, - "ALZWebhookServiceUri": { - "defaultValue": [], - "metadata": { - "description": "Indicates the service uri(s) of the webhook to send alerts to", - "displayName": "Webhook Service Uri(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagValues": { - "defaultValue": [ - "true", - "Test", - "Dev", - "Sandbox" - ], - "metadata": { - "description": "Tag value(s) used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag values(s)" - }, - "type": "Array" - }, - "ALZMonitorDisableTagName": { - "defaultValue": "MonitorDisable", - "metadata": { - "description": "Tag name used to disable monitoring at the resource level. Set to true if monitoring should be disabled.", - "displayName": "ALZ Monitoring disabled tag name" - }, - "type": "String" - }, - "ALZArmRoleId": { - "defaultValue": [], - "metadata": { - "description": "Arm Built-in Role Ids for action group to send alerts to", - "displayName": "Arm Role Ids" - }, - "type": "array" - } - }, - "policyDefinitions": [ - { - "policyDefinitionReferenceId": "ALZ_AlertProcessing_Rule", - "policyDefinitionName": "Deploy_AlertProcessing_Rule", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "ALZMonitorActionGroupEmail": { - "value": "[parameters('ALZMonitorActionGroupEmail')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "BYOActionGroup": { - "value": "[parameters('BYOActionGroup')]" - }, - "ALZMonitorResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "ALZMonitorResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - }, - "BYOAlertProcessingRule": { - "value": "[parameters('BYOAlertProcessingRule')]" - }, - "ALZLogicappCallbackUrl": { - "value": "[parameters('ALZLogicappCallbackUrl')]" - }, - "ALZLogicappResourceId": { - "value": "[parameters('ALZLogicappResourceId')]" - }, - "ALZFunctionResourceId": { - "value": "[parameters('ALZFunctionResourceId')]" - }, - "ALZFunctionTriggerUrl": { - "value": "[parameters('ALZFunctionTriggerUrl')]" - }, - "ALZEventHubResourceId": { - "value": "[parameters('ALZEventHubResourceId')]" - }, - "ALZWebhookServiceUri": { - "value": "[parameters('ALZWebhookServiceUri')]" - }, - "ALZArmRoleId": { - "value": "[parameters('ALZArmRoleId')]" - } - } - }, - { - "policyDefinitionReferenceId": "ALZ_Suppression_AlertProcessing_Rule", - "policyDefinitionName": "Deploy_Suppression_AlertProcessing_Rule", - "parameters": { - "MonitorDisableTagValues": { - "value": "[parameters('ALZMonitorDisableTagValues')]" - }, - "MonitorDisableTagName": { - "value": "[parameters('ALZMonitorDisableTagName')]" - }, - "ALZMonitorResourceGroupName": { - "value": "[parameters('ALZMonitorResourceGroupName')]" - }, - "ALZMonitorResourceGroupLocation": { - "value": "[parameters('ALZMonitorResourceGroupLocation')]" - }, - "ALZMonitorResourceGroupTags": { - "value": "[parameters('ALZMonitorResourceGroupTags')]" - } - } - } - ] - } -} \ No newline at end of file diff --git a/export-policies.ps1 b/export-policies.ps1 index f61a2933..3d7af100 100644 --- a/export-policies.ps1 +++ b/export-policies.ps1 @@ -28,7 +28,7 @@ $gs | Out-File ./Definitions/global-settings.jsonc -Verbose git clone https://github.com/Azure/azure-monitor-baseline-alerts.git tmp -Copy-Item ./tmp/patterns/alz/scripts/Start-AMBACleanup.ps1 ./assets/Start-AMBACleanup.ps1 -Verbose +Copy-Item ./tmp/patterns/alz/scripts/Start-ALZMonitorCleanup.ps1 ./assets/Start-ALZMonitorCleanup.ps1 -Verbose $pseudoRootManagementGroup = "amba" @@ -65,9 +65,9 @@ Remove-Item -Path ./Definitions/global-settings.jsonc -Force # Fix missing displaynames in the policy set definitions -./assets/Start-AMBACleanup.ps1 -pseudoRootManagementGroup $pseudoRootManagementGroup -Confirm:$false +./assets/Start-ALZMonitorCleanup.ps1 -Confirm:$false -Remove-Item -Path ./assets/Start-AMBACleanup.ps1 -Force +Remove-Item -Path ./assets/Start-ALZMonitorCleanup.ps1 -Force