From cefab4b64539df8fd46548005a1e667ab23f60aa Mon Sep 17 00:00:00 2001
From: Robert Lightner <rolightn@microsoft.com>
Date: Thu, 3 Oct 2024 16:21:22 -0400
Subject: [PATCH] feat: Added KQL for ExpressRoute FastPath Connections

---
 .../f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql  | 22 +++++++++++++++++--
 .../Network/connections/recommendations.yaml  |  2 +-
 2 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/azure-resources/Network/connections/kql/f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql b/azure-resources/Network/connections/kql/f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql
index 825659376..3207b1276 100644
--- a/azure-resources/Network/connections/kql/f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql
+++ b/azure-resources/Network/connections/kql/f6a14b32-a727-4ace-b5fa-7b1c6bdff402.kql
@@ -1,2 +1,20 @@
-// under-development
-
+// Azure Resource Graph Query
+// Find all ExpressRoute Connections that are connected to ErGw3AZ or UltraPerformance gateway sku that don't have
+// FastPath enabled for both the Gateway Bypass or Private Endpoint/Link service.
+resources
+| where type == "microsoft.network/connections"
+| where properties.connectionType =~ 'expressroute'
+| extend gatewayId = tostring(properties.virtualNetworkGateway1.id)
+| join kind=inner (
+    resources
+    | where type =~ "Microsoft.Network/virtualNetworkGateways"
+    | where properties.sku.name in~ ("ErGw3AZ", "UltraPerformance")
+    | extend gatewayId = tostring(id)
+) on gatewayId
+| extend erGatewayBypass = tobool(properties.expressRouteGatewayBypass)
+| extend privateLinkFastPath = tobool(properties.enablePrivateLinkFastPath)
+| where not(erGatewayBypass) or not(privateLinkFastPath)
+| project recommendationId = "f6a14b32-a727-4ace-b5fa-7b1c6bdff402", id, name, tags,
+    param1 = iff(erGatewayBypass, "✅ Enabled: Gateway Bypass", "❌ Disabled: Gateway Bypass"),
+    param2 = iff(privateLinkFastPath, "✅ Enabled: PE FastPath", "❌ Disabled: PE FastPath"),
+    param3 = "More info: https://learn.microsoft.com/en-us/azure/expressroute/about-fastpath"
diff --git a/azure-resources/Network/connections/recommendations.yaml b/azure-resources/Network/connections/recommendations.yaml
index 200e269fd..e7cf00e00 100644
--- a/azure-resources/Network/connections/recommendations.yaml
+++ b/azure-resources/Network/connections/recommendations.yaml
@@ -1,4 +1,4 @@
-- description: For better data path performance enable FastPath on ExpressRoute Direct and Gateway
+- description: For better data path performance enable FastPath on ExpressRoute Connections
   aprlGuid: f6a14b32-a727-4ace-b5fa-7b1c6bdff402
   recommendationTypeId: null
   recommendationControl: Scalability