From 475d9586cb256453f2e8a91d4b8d5beca1215e38 Mon Sep 17 00:00:00 2001 From: Rodrigo Santos Date: Thu, 29 Aug 2024 23:09:26 -0400 Subject: [PATCH] feat: Add SQL/ManagedInstances and StreamAnalyticsJobs and Fix ExpressRoute Circuits (#381) Co-authored-by: Rodrigo Reis Santos (AZURE) --- .../0e19cc41-8274-1342-b0db-0e4146eacef8.kql | 1 - .../2a5bf650-586d-db4c-a292-d922be7d3e0e.kql | 1 - .../4d703025-dafc-f840-a183-5dc440456134.kql | 2 +- .../Sql/managedInstances/_index.md | 2 +- .../15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql | 2 + .../257cd903-700f-4a79-bd37-7dce2b511df4.kql | 2 + .../9fad5392-b852-4807-9b6d-3f700ff9771a.kql | 2 + .../c14de326-2729-4be7-a91f-4ea185d24b10.kql | 2 + .../c9afeb1e-e706-4809-be4e-75d9fac708f2.kql | 2 + .../f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql | 2 + .../Sql/managedInstances/recommendations.yaml | 113 ++++++++++++++++++ azure-resources/StreamAnalytics/_index.md | 2 +- .../StreamAnalytics/streamingJobs/_index.md | 2 +- .../5d40d3d4-179d-4cf5-ac24-901210f512e7.kql | 6 + .../e48a7227-5ec7-463a-b955-ee7cb598ded4.kql | 6 + .../streamingJobs/recommendations.yaml | 37 ++++++ 16 files changed, 178 insertions(+), 6 deletions(-) create mode 100644 azure-resources/Sql/managedInstances/kql/15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql create mode 100644 azure-resources/Sql/managedInstances/kql/257cd903-700f-4a79-bd37-7dce2b511df4.kql create mode 100644 azure-resources/Sql/managedInstances/kql/9fad5392-b852-4807-9b6d-3f700ff9771a.kql create mode 100644 azure-resources/Sql/managedInstances/kql/c14de326-2729-4be7-a91f-4ea185d24b10.kql create mode 100644 azure-resources/Sql/managedInstances/kql/c9afeb1e-e706-4809-be4e-75d9fac708f2.kql create mode 100644 azure-resources/Sql/managedInstances/kql/f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql create mode 100644 azure-resources/Sql/managedInstances/recommendations.yaml create mode 100644 azure-resources/StreamAnalytics/streamingJobs/kql/5d40d3d4-179d-4cf5-ac24-901210f512e7.kql create mode 100644 azure-resources/StreamAnalytics/streamingJobs/kql/e48a7227-5ec7-463a-b955-ee7cb598ded4.kql create mode 100644 azure-resources/StreamAnalytics/streamingJobs/recommendations.yaml diff --git a/azure-resources/Network/expressRouteCircuits/kql/0e19cc41-8274-1342-b0db-0e4146eacef8.kql b/azure-resources/Network/expressRouteCircuits/kql/0e19cc41-8274-1342-b0db-0e4146eacef8.kql index 62b578dfe..fa5cad258 100644 --- a/azure-resources/Network/expressRouteCircuits/kql/0e19cc41-8274-1342-b0db-0e4146eacef8.kql +++ b/azure-resources/Network/expressRouteCircuits/kql/0e19cc41-8274-1342-b0db-0e4146eacef8.kql @@ -1,2 +1 @@ // cannot-be-validated-with-arg - diff --git a/azure-resources/Network/expressRouteCircuits/kql/2a5bf650-586d-db4c-a292-d922be7d3e0e.kql b/azure-resources/Network/expressRouteCircuits/kql/2a5bf650-586d-db4c-a292-d922be7d3e0e.kql index 62b578dfe..fa5cad258 100644 --- a/azure-resources/Network/expressRouteCircuits/kql/2a5bf650-586d-db4c-a292-d922be7d3e0e.kql +++ b/azure-resources/Network/expressRouteCircuits/kql/2a5bf650-586d-db4c-a292-d922be7d3e0e.kql @@ -1,2 +1 @@ // cannot-be-validated-with-arg - diff --git a/azure-resources/Network/expressRouteCircuits/kql/4d703025-dafc-f840-a183-5dc440456134.kql b/azure-resources/Network/expressRouteCircuits/kql/4d703025-dafc-f840-a183-5dc440456134.kql index 614a7f9ca..fa5cad258 100644 --- a/azure-resources/Network/expressRouteCircuits/kql/4d703025-dafc-f840-a183-5dc440456134.kql +++ b/azure-resources/Network/expressRouteCircuits/kql/4d703025-dafc-f840-a183-5dc440456134.kql @@ -1 +1 @@ -// under-development +// cannot-be-validated-with-arg diff --git a/azure-resources/Sql/managedInstances/_index.md b/azure-resources/Sql/managedInstances/_index.md index afe66c325..baccc3750 100644 --- a/azure-resources/Sql/managedInstances/_index.md +++ b/azure-resources/Sql/managedInstances/_index.md @@ -1,7 +1,7 @@ --- title: managedInstances geekdocCollapseSection: true -geekdocHidden: true +geekdocHidden: false --- {{< azure-resources-recommendationlist name="azure-resources-recommendationlist" >}} diff --git a/azure-resources/Sql/managedInstances/kql/15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql b/azure-resources/Sql/managedInstances/kql/15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql new file mode 100644 index 000000000..825659376 --- /dev/null +++ b/azure-resources/Sql/managedInstances/kql/15e2712c-f3ea-4a8d-9081-11e822b1ccfb.kql @@ -0,0 +1,2 @@ +// under-development + diff --git a/azure-resources/Sql/managedInstances/kql/257cd903-700f-4a79-bd37-7dce2b511df4.kql b/azure-resources/Sql/managedInstances/kql/257cd903-700f-4a79-bd37-7dce2b511df4.kql new file mode 100644 index 000000000..825659376 --- /dev/null +++ b/azure-resources/Sql/managedInstances/kql/257cd903-700f-4a79-bd37-7dce2b511df4.kql @@ -0,0 +1,2 @@ +// under-development + diff --git a/azure-resources/Sql/managedInstances/kql/9fad5392-b852-4807-9b6d-3f700ff9771a.kql b/azure-resources/Sql/managedInstances/kql/9fad5392-b852-4807-9b6d-3f700ff9771a.kql new file mode 100644 index 000000000..825659376 --- /dev/null +++ b/azure-resources/Sql/managedInstances/kql/9fad5392-b852-4807-9b6d-3f700ff9771a.kql @@ -0,0 +1,2 @@ +// under-development + diff --git a/azure-resources/Sql/managedInstances/kql/c14de326-2729-4be7-a91f-4ea185d24b10.kql b/azure-resources/Sql/managedInstances/kql/c14de326-2729-4be7-a91f-4ea185d24b10.kql new file mode 100644 index 000000000..825659376 --- /dev/null +++ b/azure-resources/Sql/managedInstances/kql/c14de326-2729-4be7-a91f-4ea185d24b10.kql @@ -0,0 +1,2 @@ +// under-development + diff --git a/azure-resources/Sql/managedInstances/kql/c9afeb1e-e706-4809-be4e-75d9fac708f2.kql b/azure-resources/Sql/managedInstances/kql/c9afeb1e-e706-4809-be4e-75d9fac708f2.kql new file mode 100644 index 000000000..825659376 --- /dev/null +++ b/azure-resources/Sql/managedInstances/kql/c9afeb1e-e706-4809-be4e-75d9fac708f2.kql @@ -0,0 +1,2 @@ +// under-development + diff --git a/azure-resources/Sql/managedInstances/kql/f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql b/azure-resources/Sql/managedInstances/kql/f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql new file mode 100644 index 000000000..825659376 --- /dev/null +++ b/azure-resources/Sql/managedInstances/kql/f8f834a9-c761-4e84-b2cb-ac55494d0c37.kql @@ -0,0 +1,2 @@ +// under-development + diff --git a/azure-resources/Sql/managedInstances/recommendations.yaml b/azure-resources/Sql/managedInstances/recommendations.yaml new file mode 100644 index 000000000..7e5dbb729 --- /dev/null +++ b/azure-resources/Sql/managedInstances/recommendations.yaml @@ -0,0 +1,113 @@ +- description: Enable zone redundancy for Azure SQL Managed Instance to achieve high availability and resiliency + aprlGuid: f8f834a9-c761-4e84-b2cb-ac55494d0c37 + recommendationTypeId: null + recommendationControl: High Availability + recommendationImpact: High + recommendationResourceType: Microsoft.Sql/managedInstances + recommendationMetadataState: Active + longDescription: | + By default, Azure SQL Database premium tier provisions multiple copies within the same region. For geo redundancy, databases can be set as Zone Redundant, distributing copies across Azure Availability Zones to maintain availability during regional outages. + potentialBenefits: Enhanced availability and reliability + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: High availability through zone-redundancy + url: "https://learn.microsoft.com/azure/azure-sql/managed-instance/high-availability-sla-local-zone-redundancy?view=azuresql-mi#zone-redundant-availability" + +- description: Use Zone-redundant or Geo-zone-redundant Backup storage redundancy + aprlGuid: 15e2712c-f3ea-4a8d-9081-11e822b1ccfb + recommendationTypeId: null + recommendationControl: High Availability + recommendationImpact: High + recommendationResourceType: Microsoft.Sql/managedInstances + recommendationMetadataState: Active + longDescription: | + This copies your backups synchronously across three Azure availability zones in the primary region, if Geo is selected it creates 3 more copies in a secondary region. + potentialBenefits: Enhanced availability and reliability + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: Backup storage redundancy + url: "https://learn.microsoft.com/azure/azure-sql/managed-instance/automated-backups-overview?view=azuresql-mi&preserve-view=true#backup-storage-redundancy" + +- description: Use Redirect connection type to accelerate application access + aprlGuid: c14de326-2729-4be7-a91f-4ea185d24b10 + recommendationTypeId: null + recommendationControl: Scalability + recommendationImpact: Medium + recommendationResourceType: Microsoft.Sql/managedInstances + recommendationMetadataState: Active + longDescription: | + Redirect mode enables direct connectivity to the instance resulting in improved latency and throughput. Redirect mode applies to the VNet-local endpoint only, while the public endpoint will always default to Proxy connection mode. + potentialBenefits: Improved latency and throughput + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: Connection types + url: "https://learn.microsoft.com/azure/azure-sql/managed-instance/connection-types-overview?view=azuresql#connection-types" + +- description: Configure a secondary instance and a Failover group to enable failover to another region + aprlGuid: 257cd903-700f-4a79-bd37-7dce2b511df4 + recommendationTypeId: null + recommendationControl: Disaster Recovery + recommendationImpact: High + recommendationResourceType: Microsoft.Sql/managedInstances + recommendationMetadataState: Active + longDescription: | + If an outage impacts one or more of the databases in the managed instance, you can manually or automatically failover all the databases inside the instance to a secondary region. + potentialBenefits: Ensure seamless service with cross-region failover + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: Failover groups overview and best practices + url: "https://learn.microsoft.com/azure/azure-sql/managed-instance/failover-group-sql-mi?view=azuresql" + +- description: Monitor your Azure SQL MI Managed Instance in near-real time to detect reliability incidents + aprlGuid: c9afeb1e-e706-4809-be4e-75d9fac708f2 + recommendationTypeId: null + recommendationControl: Monitoring and Alerting + recommendationImpact: Medium + recommendationResourceType: Microsoft.Sql/servers + recommendationMetadataState: Active + longDescription: | + Monitoring and alerting are an important part of database operations. When working with Azure SQL Database, make use of Azure Monitor and SQL Insights to ensure that you capture relevant database metrics. + potentialBenefits: Quick incident detection and response + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: Azure SQL Managed Instance monitoring options + url: "https://techcommunity.microsoft.com/t5/azure-sql/monitoring-options-available-for-azure-sql-managed-instance/ba-p/1065416" + +- description: Back Up Your Keys + aprlGuid: 9fad5392-b852-4807-9b6d-3f700ff9771a + recommendationTypeId: null + recommendationControl: Disaster Recovery + recommendationImpact: Medium + recommendationResourceType: Microsoft.Sql/servers + recommendationMetadataState: Active + longDescription: | + It is highly recommended to use Azure Key Vault (AKV) to store encryption keys related to Always Encrypted configurations, however it is not required. If you are not using AKV, then ensure that your keys are properly backed up and stored in a secure manner. + potentialBenefits: Enhanced security and data recovery + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: no + tags: null + learnMoreLink: + - name: Overview of Always Encrypted + url: "https://learn.microsoft.com/azure/azure-sql/database/always-encrypted-landing?view=azuresql" diff --git a/azure-resources/StreamAnalytics/_index.md b/azure-resources/StreamAnalytics/_index.md index 366fbaf70..5802557ec 100644 --- a/azure-resources/StreamAnalytics/_index.md +++ b/azure-resources/StreamAnalytics/_index.md @@ -1,5 +1,5 @@ --- title: StreamAnalytics geekdocCollapseSection: true -geekdocHidden: true +geekdocHidden: false --- diff --git a/azure-resources/StreamAnalytics/streamingJobs/_index.md b/azure-resources/StreamAnalytics/streamingJobs/_index.md index d02d12190..00274f9b3 100644 --- a/azure-resources/StreamAnalytics/streamingJobs/_index.md +++ b/azure-resources/StreamAnalytics/streamingJobs/_index.md @@ -1,7 +1,7 @@ --- title: streamingJobs geekdocCollapseSection: true -geekdocHidden: true +geekdocHidden: false --- {{< azure-resources-recommendationlist name="azure-resources-recommendationlist" >}} diff --git a/azure-resources/StreamAnalytics/streamingJobs/kql/5d40d3d4-179d-4cf5-ac24-901210f512e7.kql b/azure-resources/StreamAnalytics/streamingJobs/kql/5d40d3d4-179d-4cf5-ac24-901210f512e7.kql new file mode 100644 index 000000000..bcfdbd642 --- /dev/null +++ b/azure-resources/StreamAnalytics/streamingJobs/kql/5d40d3d4-179d-4cf5-ac24-901210f512e7.kql @@ -0,0 +1,6 @@ +// Azure Resource Graph Query +// Find all Azure Stream Analytics jobs that are not using the latest version of the service. +resources +| where type =~ "Microsoft.StreamAnalytics/streamingjobs" +| where properties.sku.name !~ "StandardV2" +| project recommendationId = "5d40d3d4-179d-4cf5-ac24-901210f512e7", name, id, tags diff --git a/azure-resources/StreamAnalytics/streamingJobs/kql/e48a7227-5ec7-463a-b955-ee7cb598ded4.kql b/azure-resources/StreamAnalytics/streamingJobs/kql/e48a7227-5ec7-463a-b955-ee7cb598ded4.kql new file mode 100644 index 000000000..0eaa8e0d2 --- /dev/null +++ b/azure-resources/StreamAnalytics/streamingJobs/kql/e48a7227-5ec7-463a-b955-ee7cb598ded4.kql @@ -0,0 +1,6 @@ +// Azure Resource Graph Query +// Find all Azure Stream Analytics jobs that are not associated with a dedicated cluster +resources +| where type =~ "Microsoft.StreamAnalytics/streamingjobs" +| where isnull(properties.cluster.id) +| project recommendationId = "e48a7227-5ec7-463a-b955-ee7cb598ded4", name, id, tags diff --git a/azure-resources/StreamAnalytics/streamingJobs/recommendations.yaml b/azure-resources/StreamAnalytics/streamingJobs/recommendations.yaml new file mode 100644 index 000000000..3d3989f0c --- /dev/null +++ b/azure-resources/StreamAnalytics/streamingJobs/recommendations.yaml @@ -0,0 +1,37 @@ +- description: Run jobs in your own dedicated Stream Analytics cluster for increased reliability and security + aprlGuid: e48a7227-5ec7-463a-b955-ee7cb598ded4 + recommendationTypeId: null + recommendationControl: Scalability + recommendationImpact: Medium + recommendationResourceType: Microsoft.StreamAnalytics/streamingjobs + recommendationMetadataState: Active + longDescription: | + Stream Analytics cluster (dedicated) offers more reliable performance guarantees. All the jobs running on your cluster belong only to you. You can also have access to important features like private endpoints, Auto-Scaling, Vnet Support, etc. + potentialBenefits: Enhanced reliability and security + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: arg + tags: null + learnMoreLink: + - name: Overview of Azure Stream Analytics Cluster + url: "https://learn.microsoft.com/azure/stream-analytics/cluster-overview" + +- description: Migrate Stream Analytics jobs to StandardV2 SKU + aprlGuid: 5d40d3d4-179d-4cf5-ac24-901210f512e7 + recommendationTypeId: null + recommendationControl: High Availability + recommendationImpact: High + recommendationResourceType: Microsoft.StreamAnalytics/streamingjobs + recommendationMetadataState: Active + longDescription: | + Configure Autoscale to allow your job to dynamically change the allocated number of Streaming Units (SU) based on load, metrics, and/or schedule. + potentialBenefits: Enhanced reliability and security + pgVerified: false + publishedToLearn: false + publishedToAdvisor: false + automationAvailable: arg + tags: null + learnMoreLink: + - name: Understand and adjust streaming units + url: "https://learn.microsoft.com/azure/stream-analytics/stream-analytics-streaming-unit-consumption"