Load Balancer

Filters

  • Standard Value Filter (see Generic Filters)
  • ARM Resource Filters (see Generic Filters)
    • Metric Filter - Filter on metrics from Azure Monitor - (see Load Balancer Supported Metrics)
    • Tag Filter - Filter on tag presence and/or values
    • Marked-For-Op Filter - Filter on tag that indicates a scheduled operation for a resource
  • frontend-public-ip Filters load balancers by the frontend public IP

    Schema:

    {
      "default": {
        "type": "object"
      },
      "key": {
        "type": "string"
      },
      "op": {
        "enum": [
          "glob",
          "contains",
          "equal",
          "eq",
          "lt",
          "ge",
          "greater-than",
          "gte",
          "not-in",
          "in",
          "regex",
          "difference",
          "ne",
          "less-than",
          "lte",
          "intersect",
          "le",
          "not-equal",
          "gt",
          "ni"
        ]
      },
      "value": {
        "oneOf": [
          {
            "type": "array"
          },
          {
            "type": "string"
          },
          {
            "type": "boolean"
          },
          {
            "type": "number"
          },
          {
            "type": "null"
          }
        ]
      },
      "value_from": {
        "additionalProperties": "False",
        "properties": {
          "expr": {
            "oneOf": [
              {
                "type": "integer"
              },
              {
                "type": "string"
              }
            ]
          },
          "format": {
            "enum": [
              "csv",
              "json",
              "txt",
              "csv2dict"
            ]
          },
          "url": {
            "type": "string"
          }
        },
        "required": [
          "url"
        ],
        "type": "object"
      },
      "value_type": {
        "enum": [
          "age",
          "integer",
          "expiration",
          "normalize",
          "size",
          "cidr",
          "cidr_size",
          "swap",
          "resource_count",
          "expr",
          "unique_size"
        ]
      }
    }
    

Actions

Example Policies

This policy will filter load balancers with an ipv6 frontend public IP

policies:
  - name: loadbalancer-with-ipv6-frontend
    resource: azure.loadbalancer
    filters:
       - type: frontend-public-ip
         key: properties.publicIPAddressVersion
         op: in
         value_type: normalize
         value: "ipv6"

This policy will find all load balancers with 1000 or less transmitted packets over the last 72 hours and notify user@domain.com

policies:
  - name: notify-inactive-loadbalancer
    resource: azure.loadbalancer
    filters:
      - type: metric
        metric: PacketCount
        op: le
        aggregation: total
        threshold: 1000
        timeframe: 72
     actions:
      - type: notify
        template: default
        priority_header: 2
        subject: Inactive Load Balancer
        to:
          - user@domain.com
        transport:
          - type: asq
            queue: https://accountname.queue.core.windows.net/queuename