diff --git a/azure-resources/ApiManagement/service/kql/740f2c1c-8857-4648-80eb-47d2c56d5a50.kql b/azure-resources/ApiManagement/service/kql/740f2c1c-8857-4648-80eb-47d2c56d5a50.kql index 3aeb89588..b7406e9b5 100644 --- a/azure-resources/ApiManagement/service/kql/740f2c1c-8857-4648-80eb-47d2c56d5a50.kql +++ b/azure-resources/ApiManagement/service/kql/740f2c1c-8857-4648-80eb-47d2c56d5a50.kql @@ -2,6 +2,7 @@ // Find all Premium API Management instances that aren't zone redundant resources | where type =~ 'Microsoft.ApiManagement/service' +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | extend skuName = sku.name | where tolower(skuName) == tolower('premium') | where isnull(zones) or array_length(zones) < 2 diff --git a/azure-resources/ApiManagement/service/kql/baf3bfc0-32a2-4c0c-926d-c9bf0b49808e.kql b/azure-resources/ApiManagement/service/kql/baf3bfc0-32a2-4c0c-926d-c9bf0b49808e.kql index e1a94fb52..1ffea5815 100644 --- a/azure-resources/ApiManagement/service/kql/baf3bfc0-32a2-4c0c-926d-c9bf0b49808e.kql +++ b/azure-resources/ApiManagement/service/kql/baf3bfc0-32a2-4c0c-926d-c9bf0b49808e.kql @@ -5,4 +5,3 @@ resources | extend skuName = sku.name | where tolower(skuName) != tolower('premium') | project recommendationId = "baf3bfc0-32a2-4c0c-926d-c9bf0b49808e", name, id, tags, param1=strcat("SKU: ", skuName) - diff --git a/azure-resources/App/managedEnvironments/kql/f4201965-a88d-449d-b3b4-021394719eb2.kql b/azure-resources/App/managedEnvironments/kql/f4201965-a88d-449d-b3b4-021394719eb2.kql index 5a2ab97bb..dd78cef69 100644 --- a/azure-resources/App/managedEnvironments/kql/f4201965-a88d-449d-b3b4-021394719eb2.kql +++ b/azure-resources/App/managedEnvironments/kql/f4201965-a88d-449d-b3b4-021394719eb2.kql @@ -2,6 +2,7 @@ // The query filters the qualified Container app environments that do not have Zone Redundancy enabled. resources | where type =~ "microsoft.app/managedenvironments" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where tobool(properties.zoneRedundant) == false | project recommendationId = "f4201965-a88d-449d-b3b4-021394719eb2", name, id, tags, param1 = "AvailabilityZones: Single Zone" | order by id asc diff --git a/azure-resources/Cache/Redis/kql/5a44bd30-ae6a-4b81-9b68-dc3a8ffca4d8.kql b/azure-resources/Cache/Redis/kql/5a44bd30-ae6a-4b81-9b68-dc3a8ffca4d8.kql index b96980d03..7d1ccc545 100644 --- a/azure-resources/Cache/Redis/kql/5a44bd30-ae6a-4b81-9b68-dc3a8ffca4d8.kql +++ b/azure-resources/Cache/Redis/kql/5a44bd30-ae6a-4b81-9b68-dc3a8ffca4d8.kql @@ -2,6 +2,7 @@ // Find Cache for Redis instances with one or no Zones selected resources | where type =~ "microsoft.cache/redis" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where array_length(zones) <= 1 or isnull(zones) | project recommendationId = "5a44bd30-ae6a-4b81-9b68-dc3a8ffca4d8", name, id, tags, param1 = "AvailabilityZones: Single Zone" | order by id asc diff --git a/azure-resources/CognitiveServices/_index.md b/azure-resources/CognitiveServices/_index.md index ef5efc257..f6d0f9844 100644 --- a/azure-resources/CognitiveServices/_index.md +++ b/azure-resources/CognitiveServices/_index.md @@ -1,5 +1,5 @@ --- title: CognitiveServices geekdocCollapseSection: true -geekdocHidden: true +geekdocHidden: false --- diff --git a/azure-resources/CognitiveServices/accounts/_index.md b/azure-resources/CognitiveServices/accounts/_index.md index 024959468..0647ff9d2 100644 --- a/azure-resources/CognitiveServices/accounts/_index.md +++ b/azure-resources/CognitiveServices/accounts/_index.md @@ -1,7 +1,7 @@ --- title: accounts geekdocCollapseSection: true -geekdocHidden: true +geekdocHidden: false --- {{< azure-resources-recommendationlist name="azure-resources-recommendationlist" >}} diff --git a/azure-resources/CognitiveServices/accounts/recommendations.yaml b/azure-resources/CognitiveServices/accounts/recommendations.yaml new file mode 100644 index 000000000..7cab44ff4 --- /dev/null +++ b/azure-resources/CognitiveServices/accounts/recommendations.yaml @@ -0,0 +1,18 @@ +- description: Enable diagnostic logging for Azure AI services and send the data to Log Analytics + aprlGuid: d6d9e18a-9ad2-491e-878d-86d621785453 + recommendationTypeId: null + recommendationControl: Monitoring + recommendationImpact: Low + recommendationResourceType: Microsoft.CognitiveServices/Accounts + recommendationMetadataState: Active + longDescription: | + All Logs and Metrics should be configured. These logs provide rich, frequent data about the operation of a resource that are used for issue identification and debugging. + potentialBenefits: Enhanced monitoring and troubleshooting capabilities + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: Enable diagnostic logging for Azure AI services + url: "https://learn.microsoft.com/en-us/azure/ai-services/diagnostic-logging" diff --git a/azure-resources/Compute/galleries/kql/488dcc8b-f2e3-40ce-bf95-73deb2db095f.kql b/azure-resources/Compute/galleries/kql/488dcc8b-f2e3-40ce-bf95-73deb2db095f.kql index 3135d7bd3..19e6a93eb 100644 --- a/azure-resources/Compute/galleries/kql/488dcc8b-f2e3-40ce-bf95-73deb2db095f.kql +++ b/azure-resources/Compute/galleries/kql/488dcc8b-f2e3-40ce-bf95-73deb2db095f.kql @@ -2,6 +2,7 @@ // Query to list all image versions and its associated image and gallery name whose Storage account type is not using ZRS resources | where type =~ "microsoft.compute/galleries/images/versions" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | extend GalleryName = tostring(split(tostring(id), "/")[8]), ImageName = tostring(split(tostring(id), "/")[10]) | extend StorageAccountType = tostring(properties.publishingProfile.storageAccountType) | where StorageAccountType !has "ZRS" diff --git a/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql b/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql index e01dfa0a3..32b1dcf0f 100644 --- a/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql +++ b/azure-resources/Compute/virtualMachineScaleSets/kql/1422c567-782c-7148-ac7c-5fc14cf45adc.kql @@ -2,6 +2,7 @@ // Find VMSS instances with one or no Zones selected resources | where type == "microsoft.compute/virtualmachinescalesets" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where array_length(zones) <= 1 or isnull(zones) | project recommendationId = "1422c567-782c-7148-ac7c-5fc14cf45adc", name, id, tags, param1 = "AvailabilityZones: Single Zone" | order by id asc diff --git a/azure-resources/Compute/virtualMachines/kql/2bd0be95-a825-6f47-a8c6-3db1fb5eb387.kql b/azure-resources/Compute/virtualMachines/kql/2bd0be95-a825-6f47-a8c6-3db1fb5eb387.kql index b698bdb26..5cd23cb1b 100644 --- a/azure-resources/Compute/virtualMachines/kql/2bd0be95-a825-6f47-a8c6-3db1fb5eb387.kql +++ b/azure-resources/Compute/virtualMachines/kql/2bd0be95-a825-6f47-a8c6-3db1fb5eb387.kql @@ -2,6 +2,6 @@ // Find all VMs that are not assigned to a Zone Resources | where type =~ 'Microsoft.Compute/virtualMachines' +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where isnull(zones) | project recommendationId="2bd0be95-a825-6f47-a8c6-3db1fb5eb387", name, id, tags, param1="No Zone" - diff --git a/azure-resources/Compute/virtualMachines/kql/fa0cf4f5-0b21-47b7-89a9-ee936f193ce1.kql b/azure-resources/Compute/virtualMachines/kql/fa0cf4f5-0b21-47b7-89a9-ee936f193ce1.kql index fb71c60b3..3f09586a8 100644 --- a/azure-resources/Compute/virtualMachines/kql/fa0cf4f5-0b21-47b7-89a9-ee936f193ce1.kql +++ b/azure-resources/Compute/virtualMachines/kql/fa0cf4f5-0b21-47b7-89a9-ee936f193ce1.kql @@ -2,6 +2,7 @@ // Find eligible Disks that are not zonal nor zone redundant resources | where type == 'microsoft.compute/disks' +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where sku has "Premium_LRS" or sku has "StandardSSD_LRS" | where sku.name has_cs 'ZRS' or array_length(zones) > 0 | project recommendationId="fa0cf4f5-0b21-47b7-89a9-ee936f193ce1", name, id, tags, param1 = sku, param2 = sku.name diff --git a/azure-resources/ContainerRegistry/registries/kql/63491f70-22e4-3b4a-8b0c-845450e46fac.kql b/azure-resources/ContainerRegistry/registries/kql/63491f70-22e4-3b4a-8b0c-845450e46fac.kql index 85eed1a80..3277542eb 100644 --- a/azure-resources/ContainerRegistry/registries/kql/63491f70-22e4-3b4a-8b0c-845450e46fac.kql +++ b/azure-resources/ContainerRegistry/registries/kql/63491f70-22e4-3b4a-8b0c-845450e46fac.kql @@ -2,6 +2,7 @@ // Find all Container Registries that do not have zone redundancy enabled resources | where type =~ "microsoft.containerregistry/registries" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where properties.zoneRedundancy != "Enabled" | project recommendationId = "63491f70-22e4-3b4a-8b0c-845450e46fac", name, id, tags, param1=strcat("zoneRedundancy: ", tostring(properties.zoneRedundancy)) | order by id asc diff --git a/azure-resources/ContainerService/managedClusters/kql/4f63619f-5001-439c-bacb-8de891287727.kql b/azure-resources/ContainerService/managedClusters/kql/4f63619f-5001-439c-bacb-8de891287727.kql index e2ddcba4d..112aaa654 100644 --- a/azure-resources/ContainerService/managedClusters/kql/4f63619f-5001-439c-bacb-8de891287727.kql +++ b/azure-resources/ContainerService/managedClusters/kql/4f63619f-5001-439c-bacb-8de891287727.kql @@ -2,6 +2,7 @@ // Returns AKS clusters that do not have any availability zones enabled or only use a single zone resources | where type =~ "Microsoft.ContainerService/managedClusters" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | project id, name, tags, location, pools = properties.agentPoolProfiles | mv-expand pool = pools | extend diff --git a/azure-resources/DBforMySQL/flexibleServers/kql/88856605-53d8-4bbd-a75b-4a7b14939d32.kql b/azure-resources/DBforMySQL/flexibleServers/kql/88856605-53d8-4bbd-a75b-4a7b14939d32.kql index 00bb8befa..cc88e7569 100644 --- a/azure-resources/DBforMySQL/flexibleServers/kql/88856605-53d8-4bbd-a75b-4a7b14939d32.kql +++ b/azure-resources/DBforMySQL/flexibleServers/kql/88856605-53d8-4bbd-a75b-4a7b14939d32.kql @@ -2,5 +2,6 @@ // Find Database for MySQL instances that are not zone redundant resources | where type == "microsoft.dbformysql/flexibleservers" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where properties.highAvailability.mode != "ZoneRedundant" | project recommendationId = "88856605-53d8-4bbd-a75b-4a7b14939d32", name, id, tags, param1 = "ZoneRedundant: False" diff --git a/azure-resources/DBforPostgreSQL/flexibleServers/kql/ca87914f-aac4-4783-ab67-82a6f936f194.kql b/azure-resources/DBforPostgreSQL/flexibleServers/kql/ca87914f-aac4-4783-ab67-82a6f936f194.kql index c7b1011bf..4e051c623 100644 --- a/azure-resources/DBforPostgreSQL/flexibleServers/kql/ca87914f-aac4-4783-ab67-82a6f936f194.kql +++ b/azure-resources/DBforPostgreSQL/flexibleServers/kql/ca87914f-aac4-4783-ab67-82a6f936f194.kql @@ -2,5 +2,6 @@ // Find Database for PostgreSQL instances that are not zone redundant resources | where type == "microsoft.dbforpostgresql/flexibleservers" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where properties.highAvailability.mode != "ZoneRedundant" | project recommendationId = "ca87914f-aac4-4783-ab67-82a6f936f194", name, id, tags, param1 = "ZoneRedundant: False" diff --git a/azure-resources/NetApp/netAppAccounts/kql/47d100a5-7f85-5742-967a-67eb5081240a.kql b/azure-resources/NetApp/netAppAccounts/kql/47d100a5-7f85-5742-967a-67eb5081240a.kql index c7bdfe6f1..81b6fbfc3 100644 --- a/azure-resources/NetApp/netAppAccounts/kql/47d100a5-7f85-5742-967a-67eb5081240a.kql +++ b/azure-resources/NetApp/netAppAccounts/kql/47d100a5-7f85-5742-967a-67eb5081240a.kql @@ -2,6 +2,7 @@ // This Resource Graph query will return all Azure NetApp Files volumes without an availability zone defined. Resources | where type =~ "Microsoft.NetApp/netAppAccounts/capacityPools/volumes" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where array_length(zones) == 0 or isnull(zones) | project recommendationId = "47d100a5-7f85-5742-967a-67eb5081240a", name, id, tags diff --git a/azure-resources/NetApp/netAppAccounts/kql/e3d742e1-dacd-9b48-b6b1-510ec9f87c96.kql b/azure-resources/NetApp/netAppAccounts/kql/e3d742e1-dacd-9b48-b6b1-510ec9f87c96.kql index 05970db68..ec06337a9 100644 --- a/azure-resources/NetApp/netAppAccounts/kql/e3d742e1-dacd-9b48-b6b1-510ec9f87c96.kql +++ b/azure-resources/NetApp/netAppAccounts/kql/e3d742e1-dacd-9b48-b6b1-510ec9f87c96.kql @@ -1,10 +1,11 @@ // Azure Resource Graph Query // This Resource Graph query will return all Azure NetApp Files volumes without cross-zone replication. resources -| where type == "microsoft.netapp/netappaccounts/capacitypools/volumes" -| extend remoteVolumeRegion = properties.dataProtection.replication.remoteVolumeRegion -| extend volumeType = properties.volumeType -| extend replicationType = iff((remoteVolumeRegion == location), "CZR", iff((remoteVolumeRegion == ""),"n/a","CRR")) +| where type == "microsoft.netapp/netappaccounts/capacitypools/volumes" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") +| extend remoteVolumeRegion = properties.dataProtection.replication.remoteVolumeRegion +| extend volumeType = properties.volumeType +| extend replicationType = iff((remoteVolumeRegion == location), "CZR", iff((remoteVolumeRegion == ""),"n/a","CRR")) | where replicationType != "CZR" and volumeType != "DataProtection" | project recommendationId = "e3d742e1-dacd-9b48-b6b1-510ec9f87c96", name, id, tags diff --git a/azure-resources/Network/applicationGateways/kql/c9c00f2a-3888-714b-a72b-b4c9e8fcffb2.kql b/azure-resources/Network/applicationGateways/kql/c9c00f2a-3888-714b-a72b-b4c9e8fcffb2.kql index c4c4874c4..3e0f5c69c 100644 --- a/azure-resources/Network/applicationGateways/kql/c9c00f2a-3888-714b-a72b-b4c9e8fcffb2.kql +++ b/azure-resources/Network/applicationGateways/kql/c9c00f2a-3888-714b-a72b-b4c9e8fcffb2.kql @@ -2,6 +2,7 @@ // list Application Gateways that are not configured to use at least 2 Availability Zones resources | where type =~ "microsoft.network/applicationGateways" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where isnull(zones) or array_length(zones) < 2 | extend zoneValue = iff((isnull(zones)), "null", zones) | project recommendationId = "c9c00f2a-3888-714b-a72b-b4c9e8fcffb2", name, id, tags, param1="Zones: No Zone or Zonal", param2=strcat("Zones value: ", zoneValue ) diff --git a/azure-resources/Network/azureFirewalls/kql/c72b7fee-1fa0-5b4b-98e5-54bcae95bb74.kql b/azure-resources/Network/azureFirewalls/kql/c72b7fee-1fa0-5b4b-98e5-54bcae95bb74.kql index 6cd1d1202..6585d0d2a 100644 --- a/azure-resources/Network/azureFirewalls/kql/c72b7fee-1fa0-5b4b-98e5-54bcae95bb74.kql +++ b/azure-resources/Network/azureFirewalls/kql/c72b7fee-1fa0-5b4b-98e5-54bcae95bb74.kql @@ -2,6 +2,7 @@ // List all Azure Firewalls that are not configured with multiple availability zones or deployed without a zone resources | where type == 'microsoft.network/azurefirewalls' +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where array_length(zones) <= 1 or isnull(zones) | where isempty(properties.virtualHub.id) or isnull(properties.virtualHub.id) | project recommendationId = "c72b7fee-1fa0-5b4b-98e5-54bcae95bb74", name, id, tags, param1="multipleZones:false" diff --git a/azure-resources/Network/loadBalancers/kql/621dbc78-3745-4d32-8eac-9e65b27b7512.kql b/azure-resources/Network/loadBalancers/kql/621dbc78-3745-4d32-8eac-9e65b27b7512.kql index b2959c5e6..583692418 100644 --- a/azure-resources/Network/loadBalancers/kql/621dbc78-3745-4d32-8eac-9e65b27b7512.kql +++ b/azure-resources/Network/loadBalancers/kql/621dbc78-3745-4d32-8eac-9e65b27b7512.kql @@ -2,6 +2,7 @@ // Find all LoadBalancers with with regional or zonal public IP Addresses resources | where type == "microsoft.network/loadbalancers" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where tolower(sku.name) != 'basic' | mv-expand feIPconfigs = properties.frontendIPConfigurations | extend @@ -15,6 +16,7 @@ resources | project name, feConfigName, id | union (resources | where type == "microsoft.network/loadbalancers" + | where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where tolower(sku.name) != 'basic' | mv-expand feIPconfigs = properties.frontendIPConfigurations | extend @@ -25,6 +27,7 @@ resources | join kind=innerunique ( resources | where type == "microsoft.network/publicipaddresses" + | where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where isnull(zones) or array_length(zones) < 2 | extend LBid = toupper(substring(properties.ipConfiguration.id, 0, indexof(properties.ipConfiguration.id, '/frontendIPConfigurations'))), diff --git a/azure-resources/Network/publicIPAddresses/kql/c63b81fb-7afc-894c-a840-91bb8a8dcfaf.kql b/azure-resources/Network/publicIPAddresses/kql/c63b81fb-7afc-894c-a840-91bb8a8dcfaf.kql index ceaf305e5..9ab9dcfb6 100644 --- a/azure-resources/Network/publicIPAddresses/kql/c63b81fb-7afc-894c-a840-91bb8a8dcfaf.kql +++ b/azure-resources/Network/publicIPAddresses/kql/c63b81fb-7afc-894c-a840-91bb8a8dcfaf.kql @@ -2,6 +2,7 @@ // List public IP addresses that are not Zone-Redundant Resources | where type =~ "Microsoft.Network/publicIPAddresses" and sku.tier =~ "Regional" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where isempty(zones) or array_length(zones) <= 1 | extend az = case(isempty(zones), "Non-zonal", array_length(zones) <= 1, strcat("Zonal (", strcat_array(zones, ","), ")"), zones) | project recommendationId = "c63b81fb-7afc-894c-a840-91bb8a8dcfaf", name, id, tags, param1 = strcat("sku: ", sku.name), param2 = strcat("availabilityZone: ", az) diff --git a/azure-resources/Network/virtualNetworkGateways/kql/4bae5a28-5cf4-40d9-bcf1-623d28f6d917.kql b/azure-resources/Network/virtualNetworkGateways/kql/4bae5a28-5cf4-40d9-bcf1-623d28f6d917.kql index 6fb37cc35..47f8c46db 100644 --- a/azure-resources/Network/virtualNetworkGateways/kql/4bae5a28-5cf4-40d9-bcf1-623d28f6d917.kql +++ b/azure-resources/Network/virtualNetworkGateways/kql/4bae5a28-5cf4-40d9-bcf1-623d28f6d917.kql @@ -2,12 +2,14 @@ // Provides a list of zone-redundant Azure VPN gateways associated with non-zone-redundant Public IPs resources | where type =~ "Microsoft.Network/virtualNetworkGateways" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where properties.gatewayType == "Vpn" | where properties.sku.tier contains 'AZ' | mv-expand ipconfig = properties.ipConfigurations | extend pipId = tostring(ipconfig.properties.publicIPAddress.id) | join kind=inner ( resources + | where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where type == "microsoft.network/publicipaddresses" | where isnull(zones) or array_length(zones) < 3 ) on $left.pipId == $right.id diff --git a/azure-resources/Network/virtualNetworkGateways/kql/5b1933a6-90e4-f642-a01f-e58594e5aab2.kql b/azure-resources/Network/virtualNetworkGateways/kql/5b1933a6-90e4-f642-a01f-e58594e5aab2.kql index 625831e1a..2c4335ad9 100644 --- a/azure-resources/Network/virtualNetworkGateways/kql/5b1933a6-90e4-f642-a01f-e58594e5aab2.kql +++ b/azure-resources/Network/virtualNetworkGateways/kql/5b1933a6-90e4-f642-a01f-e58594e5aab2.kql @@ -2,6 +2,7 @@ // For all VNGs of type Vpn, show any that do not have AZ in the SKU tier resources | where type =~ "Microsoft.Network/virtualNetworkGateways" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where properties.gatewayType == "Vpn" | where properties.sku.tier !contains 'AZ' | project recommendationId = "5b1933a6-90e4-f642-a01f-e58594e5aab2", name, id, tags, param1= strcat("sku-tier: " , properties.sku.tier), param2=location diff --git a/azure-resources/Network/virtualNetworkGateways/kql/bbe668b7-eb5c-c746-8b82-70afdedf0cae.kql b/azure-resources/Network/virtualNetworkGateways/kql/bbe668b7-eb5c-c746-8b82-70afdedf0cae.kql index 1440605fe..f5aaa295a 100644 --- a/azure-resources/Network/virtualNetworkGateways/kql/bbe668b7-eb5c-c746-8b82-70afdedf0cae.kql +++ b/azure-resources/Network/virtualNetworkGateways/kql/bbe668b7-eb5c-c746-8b82-70afdedf0cae.kql @@ -2,6 +2,7 @@ // For all VNGs of type ExpressRoute, show any that do not have AZ in the SKU tier resources | where type =~ "Microsoft.Network/virtualNetworkGateways" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where properties.gatewayType == "ExpressRoute" | where properties.sku.tier !contains 'AZ' | project recommendationId = "bbe668b7-eb5c-c746-8b82-70afdedf0cae", name, id, tags, param1= strcat("sku-tier: " , properties.sku.tier), param2=location diff --git a/azure-resources/SignalRService/signalR/kql/6a8b3db9-5773-413a-a127-4f7032f34bbd.kql b/azure-resources/SignalRService/signalR/kql/6a8b3db9-5773-413a-a127-4f7032f34bbd.kql index 248ca895f..eb7c7aa59 100644 --- a/azure-resources/SignalRService/signalR/kql/6a8b3db9-5773-413a-a127-4f7032f34bbd.kql +++ b/azure-resources/SignalRService/signalR/kql/6a8b3db9-5773-413a-a127-4f7032f34bbd.kql @@ -2,6 +2,7 @@ // Find SignalR instances that are not configured with the Premium tier resources | where type == "microsoft.signalrservice/signalr" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where sku.tier != "Premium" | project recommendationId = "6a8b3db9-5773-413a-a127-4f7032f34bbd", name, id, tags, param1 = "AvailabilityZones: Single Zone" | order by id asc diff --git a/azure-resources/Sql/servers/kql/c0085c32-84c0-c247-bfa9-e70977cbf108.kql b/azure-resources/Sql/servers/kql/c0085c32-84c0-c247-bfa9-e70977cbf108.kql index 19e256b51..847997ec3 100644 --- a/azure-resources/Sql/servers/kql/c0085c32-84c0-c247-bfa9-e70977cbf108.kql +++ b/azure-resources/Sql/servers/kql/c0085c32-84c0-c247-bfa9-e70977cbf108.kql @@ -2,6 +2,7 @@ // Finds non-zone redundant SQL databases and lists them Resources | where type =~ 'microsoft.sql/servers/databases' +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where tolower(tostring(properties.zoneRedundant))=~'false' |project recommendationId = "c0085c32-84c0-c247-bfa9-e70977cbf108", name, id, tags diff --git a/azure-resources/Storage/storageAccounts/kql/e6c7e1cc-2f47-264d-aa50-1da421314472.kql b/azure-resources/Storage/storageAccounts/kql/e6c7e1cc-2f47-264d-aa50-1da421314472.kql index 7d19303bd..3010bdc6e 100644 --- a/azure-resources/Storage/storageAccounts/kql/e6c7e1cc-2f47-264d-aa50-1da421314472.kql +++ b/azure-resources/Storage/storageAccounts/kql/e6c7e1cc-2f47-264d-aa50-1da421314472.kql @@ -2,6 +2,7 @@ // This query will return all storage accounts that are not using Zone or Region replication Resources | where type =~ "Microsoft.Storage/storageAccounts" +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | where sku.name in~ ("Standard_LRS", "Premium_LRS") | project recommendationId = "e6c7e1cc-2f47-264d-aa50-1da421314472", name, id, tags, param1 = strcat("sku: ", sku.name) diff --git a/azure-resources/Web/serverFarms/kql/88cb90c2-3b99-814b-9820-821a63f600dd.kql b/azure-resources/Web/serverFarms/kql/88cb90c2-3b99-814b-9820-821a63f600dd.kql index 0e55dd646..92a63e2c7 100644 --- a/azure-resources/Web/serverFarms/kql/88cb90c2-3b99-814b-9820-821a63f600dd.kql +++ b/azure-resources/Web/serverFarms/kql/88cb90c2-3b99-814b-9820-821a63f600dd.kql @@ -4,6 +4,7 @@ resources | where type =~ 'microsoft.web/serverfarms' +| where location in~ ("australiaeast", "brazilsouth", "canadacentral", "centralindia", "centralus", "eastasia", "eastus", "eastus2", "francecentral", "germanywestcentral", "israelcentral", "italynorth", "japaneast", "japanwest", "koreacentral", "mexicocentral", "newzealandnorth", "northeurope", "norwayeast", "polandcentral", "qatarcentral", "southafricanorth", "southcentralus", "southeastasia", "spaincentral", "swedencentral", "switzerlandnorth", "uaenorth", "uksouth", "westeurope", "westus2", "westus3", "usgovvirginia", "chinanorth3") | extend zoneRedundant = tobool(properties.zoneRedundant) | extend sku_tier = tostring(sku.tier) | where (tolower(sku_tier) contains "isolated" or tolower(sku_tier) contains "premium") and zoneRedundant == false