Public IP Address

Filters

• Standard Value Filter (see Generic Filters)

  • Model: PublicIPAddress

• ARM Resource Filters (see Generic Filters)

  • Metric Filter - Filter on metrics from Azure Monitor - (see Public IP Address Supported Metrics)

  • Tag Filter - Filter on tag presence and/or values

  • Marked-For-Op Filter - Filter on tag that indicates a scheduled operation for a resource

Actions

• ARM Resource Actions (see Generic Actions)

Example Policies

This policy will find all public IP addresses under DDoS attack over the last 72 hours

policies:
  - name: publicip-dropping-packets
    resource: azure.publicip
    filters:
      - type: metric
        metric: IfUnderDDoSAttack
        op: gt
        aggregation: maximum
        threshold: 0
        timeframe: 72

This policy will find all public IP addresses that are not being attached to Network Interface