Examples¶
These use cases provide examples of specific policies.
General¶
- Monitor - Filter resources by metrics from Azure Monitor
- Resource Groups - Delayed operations
- Resource Groups - Delete or report on orphan resources (NICs, Disks, Public IPs)
- Resource Groups - Remove empty Resource Groups
- Tags - Add tag to Virtual Machines
- Tags - Automatically tag the creator of a resource or resource group
- Tags - Remove tag From Virtual Machines
- Tags - Trim tags From Virtual Machines
- Resource Group - Generate a Teams Message on Create
Compute¶
- App Services - Filter By CORS Configuration
- App Service - Resize All Application Service Plans
- Resource Groups - Delete or report on orphan resources (NICs, Disks, Public IPs)
- Tags - Add tag to Virtual Machines
- Tags - Remove tag From Virtual Machines
- Tags - Trim tags From Virtual Machines
- Virtual Machines - Find Stopped Virtual Machines
- Virtual Machines - Find Virtual Machines with public IP address
Storage and Databases¶
- Cosmos DB Collections - Resize Throughput with On/Off Hours
- SQL - Find databases with specific retention options
- SQL - Update SQL Database retention policies
- SQL - Find all SQL Databases with Premium SKU
- Storage - Add storage firewall rules
- Storage - Block public access
- Storage - Monitor newly created Containers for public access
Identity¶
Networking¶
- Firewall - Update CosmosDB Rules
- Firewall - Filter Storage Accounts By Rules
- Load Balancer - Filter load balancer by front end public ip
- Network Security Groups - Deny access to Network Security Group
- Resource Groups - Delete or report on orphan resources (NICs, Disks, Public IPs)
- Routes - Find route tables with a specific subnet
- Storage - Add storage firewall rules
- Storage - Block public access
- Virtual Machines - Find Virtual Machines with public IP address