Public IP Address¶
This set of policies will mark all public IP addresses for deletion in 7 days that have ‘test’ in name (ignore case), and then perform the delete operation on those ready for deletion.
policies: - name: mark-test-public-ip-for-deletion resource: azure.publicip filters: - type: value key: name op: in value_type: normalize value: test actions: - type: mark-for-op op: delete days: 7 - name: delete-test-publicips resource: azure.publicip filters: - type: marked-for-op op: delete actions: - type: delete
This policy will find all public IP addresses under DDoS attack over the last 72 hours and notify firstname.lastname@example.org
policies: - name: notify-publicip-dropping-packets resource: azure.publicip filters: - type: metric metric: IfUnderDDoSAttack op: gt aggregation: maximum threshold: 0 timeframe: 72 actions: - type: notify template: default priority_header: 1 subject: Public IP Under DDoS Attack to: - email@example.com transport: - type: asq queue: https://accountname.queue.core.windows.net/queuename