16 changes: 15 additions & 1 deletion build/integration.tf
Expand Up @@ -9,8 +9,22 @@ locals {
}
)
workbook_integration_json = templatefile("${path.module}/templates/integration.tpl.json", {
"kql_integration_apim_resources_details" = jsonencode(local.kql_integration_apim_resources_details)
"kql_integration_apim_resources_details" = jsonencode(local.kql_integration_apim_resources_details)
"kql_integration_servicebus_resources_details" = jsonencode(local.kql_integration_servicebus_resources_details)
"kql_integration_servicebus_resources_details_summary" = jsonencode(local.kql_integration_servicebus_resources_details_summary)
})
kql_integration_servicebus_resources_details = templatefile(
"${path.module}/template_kql/integration/integration_servicebus_resources_details.kql",
{
"extend_resource" = local.kql_extend_resource
}
)
kql_integration_servicebus_resources_details_summary = templatefile(
"${path.module}/template_kql/integration/integration_servicebus_resources_details_summary.kql",
{
"extend_resource" = local.kql_extend_resource
}
)
}
resource "random_uuid" "workbook_name_integration" {
keepers = {
2 changes: 2 additions & 0 deletions build/template_kql/common/calculate_score.kql
Expand Up @@ -45,4 +45,6 @@ extend ReliabilityScore = case(
// ASRs contain multiple VM resources that are configured for replication and therefore maintain status in each of them. If none of the VMs are replicated, both the OK status and the NG status will be null. This means that if the OK status is calculated in the same way as other resources, by adding the OK statuses, the score will be zero.
// So, for ASR, if even one VM has an NG status, that status is treated as 0 and the score is calculated by subtracting the status of that status from 1.
Type == 'microsoft.recoveryservices/vaults', ((1-NoAsrSucceededState) + (1-NoAsrSucceededReplHealth) + (1-NoAsrSucceededFailoverHealth) + (1-NoAsrSucceededProtectionStateDesc) + (1-NoAsrSucceededReplicationAgentUpdate)) * 100 / (5 * UniqueResourceTotal),
// Service Bus - 5 checks // score = (Failed Status + Non-Premium SKU + No Availability Zone + Outdated TLS version + Capacity < 2)
Type == 'microsoft.servicebus/namespaces', (SucceededStateCount + PremiumSkuCount + AvZoneCount + NAAvZoneCount + MeetMinTLSVersionCount + Gt1CapacityCount) * 100 / (5 * ResourceTotal),
0)
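Review bot: The comment on the new Service Bus branch lists failure conditions (`Failed Status + Non-Premium SKU + ...`) while the expression below it adds the passing counters, so the documented formula is the inverse of what is computed. Suggest `// Service Bus - 5 checks // score = (Succeeded state + Premium SKU + Availability Zone configured + Min TLS >= 1.2 + Capacity > 1)`. Since extend_resource.kql only emits 'Configured' or 'Not Configured' for this type, `NAAvZoneCount` looks inert here and could be dropped. `PremiumSkuCount` and `Gt1CapacityCount` are not among the counters added in the summarize_score.kql hunk on this page, so it is worth confirming they exist and are not filtered to another resource type. The `case(` expression starts outside the hunk.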
18 changes: 18 additions & 0 deletions build/template_kql/common/extend_resource.kql
Expand Up @@ -37,6 +37,7 @@ on id
(type == 'microsoft.dbforpostgresql/flexibleservers') or
(type == 'microsoft.cache/redis') or
(type == "microsoft.apimanagement/service") or
(type== 'microsoft.servicebus/namespaces') or
(type == "microsoft.storage/storageaccounts" or type == "microsoft.classicstorage/storageaccounts") or
(type == "microsoft.network/azurefirewalls") or
(type == "microsoft.network/frontdoors") or
Expand Down Expand Up @@ -97,6 +98,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', tostring(properties.state),
type == 'microsoft.cache/redis', tostring(properties.provisioningState),
type == "microsoft.apimanagement/service", tostring(properties.provisioningState),
type == 'microsoft.servicebus/namespaces',tostring(properties.provisioningState),
type contains "storageaccounts", tostring(properties.provisioningState),
type == "microsoft.network/azurefirewalls", tostring(properties.provisioningState),
type == "microsoft.network/frontdoors", tostring(properties.resourceState),
Expand All @@ -123,6 +125,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', tostring(sku.tier),
type == 'microsoft.cache/redis', tostring(properties.sku.name),
type == "microsoft.apimanagement/service", tostring(sku.name),
type == 'microsoft.servicebus/namespaces', tostring(sku.name),
type contains 'storageaccounts', tostring(replace('-', '_', tostring(iff(type =~ "microsoft.storage/storageaccounts", sku.name, properties.accountType)))),
type == "microsoft.network/azurefirewalls", tostring(properties.sku.name),
type == "microsoft.network/frontdoors", "classic_frontdoor",
Expand Down Expand Up @@ -167,6 +170,7 @@ on id
),
(type == 'microsoft.cache/redis'), coalesce(tostring(array_length(parse_json(zones))), 'Not Configured'),
(type == "microsoft.apimanagement/service"), coalesce(tostring(array_length(parse_json(zones))), 'Not Configured'),
(type == 'microsoft.servicebus/namespaces'), iff(properties.zoneRedundant == 'true', 'Configured', 'Not Configured'),
(type contains 'storageaccounts'), case(split(skuName, '_', 1)[0] contains "zrs", "Configured", "Not Configured"),
(type == "microsoft.network/azurefirewalls"), iif(isnotnull(zones), "Configured", "Not Configured"),
(type == "microsoft.network/frontdoors"), "Not Applicable",
Expand Down Expand Up @@ -207,6 +211,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', "Not Applicable",
type == 'microsoft.cache/redis', "Not Applicable",
type == "microsoft.apimanagement/service", "Not Applicable",
type == "microsoft.servicebus/namespaces", "Not Applicable",
type contains "storageaccounts", "Not Applicable",
type == "microsoft.network/azurefirewalls", "Not Applicable",
type == "microsoft.network/frontdoors", "Not Applicable",
Expand All @@ -233,6 +238,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', tostring(sku.capacity),
type == 'microsoft.cache/redis', strcat(properties.sku.family, properties.sku.capacity),
type == "microsoft.apimanagement/service", tostring(sku.capacity),
type == "microsoft.servicebus/namespaces",tostring(iif(isempty(sku.capacity), "Not Applicable", sku.capacity)),
type contains "storageaccounts", "Not Applicable",
type == "microsoft.network/azurefirewalls", "Not Applicable",
type == "microsoft.network/frontdoors", "Not Applicable",
Expand All @@ -259,6 +265,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', 'Not Applicable',
type == 'microsoft.cache/redis', 'Not Applicable',
type == "microsoft.apimanagement/service", "Not Applicable",
type == "microsoft.servicebus/namespaces", "Not Applicable",
type contains "storageaccounts", "Not Applicable",
type == "microsoft.network/azurefirewalls", "Not Applicable",
type == "microsoft.network/frontdoors", "Not Applicable",
Expand All @@ -285,6 +292,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', 'Not Applicable',
type == 'microsoft.cache/redis', 'Not Applicable',
type == "microsoft.apimanagement/service", tostring(properties.platformVersion), //Field Override
type == "microsoft.servicebus/namespaces", "Not Applicable",
type contains "storageaccounts", tostring(split(skuName, '_', 0)[0]),
type == "microsoft.network/azurefirewalls", "Not Applicable",
type == "microsoft.network/frontdoors", "Not Applicable",
Expand Down Expand Up @@ -312,6 +320,7 @@ on id
type == 'microsoft.dbforpostgresql/flexibleservers', "Not Applicable",
type == 'microsoft.cache/redis', 'Not Applicable',
type == "microsoft.apimanagement/service", tostring(properties.additionalLocations),
(type == "microsoft.servicebus/namespaces"), "Not Applicable",
type contains "storageaccounts", case(
// Use the following query to get 3+0 regions: az account list-locations -o table --query '[?availabilityZoneMappings && (!metadata.pairedRegion || length(metadata.pairedRegion) == `0`)]'
location in~ ('qatarcentral', 'polandcentral', 'israelcentral', 'italynorth') and split(skuName, '_', 1)[0] startswith "zrs" , 'Configured',
Expand Down Expand Up @@ -353,6 +362,7 @@ on id
type == 'microsoft.dbformysql/flexibleservers', case(properties.haEnabled == "Enabled", "Configured", "Not Applicable"),
type == 'microsoft.cache/redis', 'Not Applicable',
type == "microsoft.apimanagement/service", "Not Applicable",
(type == "microsoft.servicebus/namespaces"), "Not Applicable",
type contains "storageaccounts", "Not Applicable",
type == "microsoft.network/azurefirewalls", "Not Applicable",
type == "microsoft.network/frontdoors", "Not Applicable",
Expand All @@ -370,6 +380,7 @@ on id
(type == 'microsoft.documentdb/databaseaccounts' and properties.enableMultipleWriteLocations == "true"), "Enabled",
(type == 'microsoft.cache/redis'), 'Not Applicable',
(type == "microsoft.apimanagement/service"), "Not Applicable",
(type == "microsoft.servicebus/namespaces"), "Not Applicable",
(type contains "storageaccounts"), "Not Applicable",
(type == "microsoft.network/azurefirewalls"), "Not Applicable",
(type == "microsoft.network/frontdoors"), "Not Applicable",
Expand All @@ -389,6 +400,7 @@ on id
(type == 'microsoft.dbforpostgresql/flexibleservers'), "Not Applicable",
(type == 'microsoft.cache/redis'), 'Not Applicable',
(type == "microsoft.apimanagement/service"), "Not Applicable",
(type == "microsoft.servicebus/namespaces"), "Not Applicable",
(type contains "storageaccounts"), "Not Applicable",
(type == "microsoft.network/azurefirewalls"), "Not Applicable",
(type == "microsoft.network/frontdoors"), "Not Applicable",
Expand All @@ -410,6 +422,7 @@ on id
(type == 'microsoft.dbforpostgresql/flexibleservers'), tostring(properties.replicationRole),
(type == 'microsoft.cache/redis'), 'Not Applicable',
(type == "microsoft.apimanagement/service"), "Not Applicable",
(type == "microsoft.servicebus/namespaces"), "Not Applicable",
(type contains "storageaccounts"), tostring(split(skuName, '_', 1)[0]),
(type == "microsoft.network/azurefirewalls"), "Not Applicable",
(type == "microsoft.network/frontdoors"), "Not Applicable",
Expand All @@ -421,6 +434,10 @@ on id
(type == "microsoft.recoveryservices/vaults"), "Not Applicable",
"Undefined"
)
| extend MinTLSVersion = case(
type == "microsoft.servicebus/namespaces", tostring(properties.minimumTlsVersion),
"Undefined"
)
| project
Type = tolower(type),
SkuName = tolower(skuName),
Expand All @@ -442,6 +459,7 @@ on id
StorageAutogrow = tolower(StorageAutogrow),
ReplicationRole = tolower(ReplicationRole),
Environment = environment,
MinTLSVersion,
properties
| join kind = leftouter (
recoveryservicesresources
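Review bot: In the new `MinTLSVersion` extend near the end of this section, a namespace whose `properties.minimumTlsVersion` is absent ends up with an empty string, and nothing downstream treats that as a failure. The summary query's `NoMinimumTLSVersion=dcountif(Name,todouble(MinTLSVersion)<1.2)` and `NoMeetMinTLSVersionCount` in summarize_score.kql both depend on `todouble()` producing a number. For an empty or unparseable value it returns null, and as far as I can tell neither `< 1.2` nor `>= 1.2` matches null, so such a namespace would be left out of the non-compliant count. Consider making the non-compliant side explicit, e.g. `NoMinimumTLSVersion=dcountif(Name, isnull(todouble(MinTLSVersion)) or todouble(MinTLSVersion) < 1.2)` in the summary query, with the same condition plus a `Type` filter in summarize_score.kql. The enclosing query starts and ends outside the visible hunks.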
4 changes: 3 additions & 1 deletion build/template_kql/common/summarize_score.kql
Expand Up @@ -84,4 +84,6 @@ summarize
NAGen2VnetGwCount=dcountif(Name, OSDisk == "none" and Type == 'microsoft.network/virtualnetworkgateways'),
ActiveActiveVnetGwCount=dcountif(Name, ReadReplica == "true" and Type == 'microsoft.network/virtualnetworkgateways'),
NAActiveActiveVnetGwCount=dcountif(Name, ReadReplica == "not applicable" and Type == 'microsoft.network/virtualnetworkgateways'),
Stv2ApimCount=dcountif(Name, OSDisk == "stv2" and Type == 'microsoft.apimanagement/service')
Stv2ApimCount=dcountif(Name, OSDisk == "stv2" and Type == 'microsoft.apimanagement/service'),
MeetMinTLSVersionCount=dcountif(Name, todouble(MinTLSVersion) >= 1.2),
NoMeetMinTLSVersionCount=dcountif(Name, todouble(MinTLSVersion) < 1.2)
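Review bot: The two new TLS counters are the only ones in this hunk without a `Type ==` condition; every neighbouring counter visible here is scoped to one resource type. They behave today only because extend_resource.kql sets `MinTLSVersion` to "Undefined" for every other type, which would silently change if another type later reports a TLS version. Suggest `MeetMinTLSVersionCount=dcountif(Name, todouble(MinTLSVersion) >= 1.2 and Type == 'microsoft.servicebus/namespaces')` and the same filter on `NoMeetMinTLSVersionCount`. The `summarize` statement starts outside the hunk.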
@@ -0,0 +1,3 @@
${extend_resource}
| project Type, SkuName, Kind, SubscriptionId, Name, State, Location, ResourceGroup, AvailabilityZone, toint(Capacity), MinTLSVersion, Environment
| where Type == 'microsoft.servicebus/namespaces'
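Review bot: `toint(Capacity)` in the `project` list has no explicit name, so the output column name is left to the engine; if the workbook grid refers to the column by name, writing `Capacity = toint(Capacity)` makes that explicit. Placing the `where Type == 'microsoft.servicebus/namespaces'` filter before the `project` would also read more naturally, though the result is the same.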
@@ -0,0 +1,5 @@
${extend_resource}
| project Type, Name, Zones, SkuName, State, AvailabilityZone, MinTLSVersion, Capacity
| where Type =='microsoft.servicebus/namespaces'
| summarize ResourceTotal=count(Name), NotSucceeded=dcountif(Name, State != "succeeded"), NotPremium=dcountif(Name, SkuName!= "premium"), NoMultipleZones=dcountif(Name, AvailabilityZone == "not configured")
,NoMinimumTLSVersion=dcountif(Name,todouble(MinTLSVersion)<1.2), CapacityNotConfigured=dcountif(Name, toint(Capacity)<2)
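Review bot: `ResourceTotal=count(Name)` counts rows, while every other column in this `summarize` uses `dcountif(Name, ...)`, so the total and the failure counts are not measured the same way. If the joins inside `${extend_resource}` ever return more than one row for a namespace, the total would be inflated relative to the distinct counts; `ResourceTotal=dcount(Name)` keeps them comparable. `Zones` is projected but not used by the summarize and could be dropped.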
@@ -1,5 +1,5 @@
${extend_resource}
| project Type, SkuName, Kind, SubscriptionId, Name, State, Location, ResourceGroup, Zones, AvailabilityZone, AvailabilitySet, Capacity, FaultDomain, OSDisk, ReadReplica, AutomaticFailover, MultipleWriteLocations, StorageAutogrow, ReplicationRole, Backup = tolower(Backup), Environment,
| project Type, SkuName, Kind, SubscriptionId, Name, State, Location, ResourceGroup, Zones, AvailabilityZone, AvailabilitySet, Capacity, FaultDomain, OSDisk, ReadReplica, AutomaticFailover, MultipleWriteLocations, StorageAutogrow, ReplicationRole, Backup = tolower(Backup), MinTLSVersion, Environment,
vmId, replicationHealth, failoverHealth, protectionStateDescription, isReplicationAgentUpdateRequired // This is for calculating the score for ASRs
| ${summarize_score}
by Name, Type, Environment
@@ -1,5 +1,5 @@
${extend_resource}
| project Type, SkuName, Kind, SubscriptionId, Name, State, Location, ResourceGroup, Zones, AvailabilityZone, AvailabilitySet, Capacity, FaultDomain, OSDisk, ReadReplica, AutomaticFailover, MultipleWriteLocations, StorageAutogrow, ReplicationRole, Backup = tolower(Backup), Environment,
| project Type, SkuName, Kind, SubscriptionId, Name, State, Location, ResourceGroup, Zones, AvailabilityZone, AvailabilitySet, Capacity, FaultDomain, OSDisk, ReadReplica, AutomaticFailover, MultipleWriteLocations, StorageAutogrow, ReplicationRole, Backup = tolower(Backup), MinTLSVersion, Environment,
vmId, replicationHealth, failoverHealth, protectionStateDescription, isReplicationAgentUpdateRequired // This is for calculating the score for ASRs
| ${summarize_score}
by Type, Environment
5 changes: 3 additions & 2 deletions build/templates/compute.tpl.json
Expand Up @@ -351,13 +351,14 @@
},
{
"operator": "==",
"thresholdValue": "vm deallocated",
"representation": "gray",
"thresholdValue": "vm stopped",
"representation": "redBright",
"text": "{0}{1}"
},
{
"operator": "Default",
"thresholdValue": null,
"representation": "gray",
"text": "{0}{1}"
}
]