azure.mgmt.compute resources

azure.disk

Disk Resource

example

This policy will disks that are not being managed by a VM

policies:
  - name: orphaned-disk
    resource: azure.disk
    filters:
      - type: value
        key: managedBy
        value: null

azure.image

Virtual Machine Image

example

Returns all virtual machine images named my-test-vm-image

policies:
  - name: get-vm-image
    resource: azure.image
    filters:
      - type: value
        key: name
        op: eq
        value: my-test-vm-image

azure.vm

Virtual Machine Resource

example

Stop all running VMs

policies:
  - name: stop-running-vms
    resource: azure.vm
    filters:
      - type: instance-view
        key: statuses[].code
        op: in
        value_type: swap
        value: PowerState/running
    actions:
      - type: stop
example

Start all VMs

policies:
  - name: start-vms
    resource: azure.vm
    actions:
      - type: start
example

Restart all VMs

policies:
  - name: start-vms
    resource: azure.vm
    actions:
      - type: restart
example

Delete specific VM by name

policies:
  - name: stop-running-vms
    resource: azure.vm
    filters:
      - type: value
        key: name
        op: eq
        value_type: normalize
        value: fake_vm_name
    actions:
      - type: delete
example

Find all VMs with a Public IP address

policies:
  - name: vms-with-public-ip
    resource: azure.vm
    filters:
      - type: network-interface
        key: 'properties.ipConfigurations[].properties.publicIPAddress.id'
        value: not-null
example

This policy will find all VMs that have Percentage CPU usage >= 75% over the last 72 hours

policies:
  - name: busy-vms
    resource: azure.vm
    filters:
      - type: metric
        metric: Percentage CPU
        op: ge
        aggregation: average
        threshold: 75
        timeframe: 72
example

This policy will find all VMs that have Percentage CPU usage <= 1% over the last 72 hours, mark for deletion in 7 days

policies:
  - name: delete-unused-vms
    resource: azure.vm
    filters:
      - type: metric
        metric: Percentage CPU
        op: le
        aggregation: average
        threshold: 1
        timeframe: 72
     actions:
      - type: mark-for-op
        op: delete
        days: 7

Filters

network-interface

properties:
  default:
    type: object
  key:
    type: string
  op:
    enum:
    - eq
    - equal
    - ne
    - not-equal
    - gt
    - greater-than
    - ge
    - gte
    - le
    - lte
    - lt
    - less-than
    - glob
    - regex
    - regex-case
    - in
    - ni
    - not-in
    - contains
    - difference
    - intersect
  type:
    enum:
    - network-interface
  value:
    oneOf:
    - type: array
    - type: string
    - type: boolean
    - type: number
    - type: 'null'
  value_from:
    additionalProperties: 'False'
    properties:
      expr:
        oneOf:
        - type: integer
        - type: string
      format:
        enum:
        - csv
        - json
        - txt
        - csv2dict
      url:
        type: string
    required:
    - url
    type: object
  value_regex:
    type: string
  value_type:
    enum:
    - age
    - integer
    - expiration
    - normalize
    - size
    - cidr
    - cidr_size
    - swap
    - resource_count
    - expr
    - unique_size
    - date
required:
- type

Actions

poweroff

properties:
  type:
    enum:
    - poweroff
required:
- type

restart

properties:
  type:
    enum:
    - restart
required:
- type

start

properties:
  type:
    enum:
    - start
required:
- type

stop

properties:
  type:
    enum:
    - stop
required:
- type

azure.vmss

Virtual Machine Scale Set Resource

example

This policy will find all VM Scale Sets that are set to overprovision

policies:
  - name: find-vmss-overprovision-true
    resource: azure.vmss
    filters:
      - type: value
        key: properties.overprovision
        op: equal
        value: True