- Detect & correct App Service plans if unused
- Detect & correct Compute disks attached to stopped VMs
- Detect & correct Compute unattached disks
- Detect & correct Compute disks with high IOPS
- Detect & correct Compute disks with low usage
- Detect & correct Compute snapshots exceeding max age
- Detect & correct Compute snapshots with premium storage
- Detect & correct Compute virtual machines
- Detect & correct Compute virtual machine with low utilization
- Detect & correct Compute disks exceeding max size
- Detect & correct HDInsight clusters exceeding max age
- Detect & correct Kubernetes clusters exceeding max age
- Detect & correct Kusto clusters exceeding max age
- Detect & correct Kusto clusters without autoscaling
- Detect & correct Monitor log profiles without retention policy
- Detect & correct Network application gateways without autoscaling
- Detect & correct Network load balancers if unused
- Detect & correct Network NAT gateways if unused
- Detect & correct Network unattached public IPs
- Detect & correct Network virtual network gateways if unused
- Detect & correct Service Fabric clusters exceeding max age
- Detect & correct SQL databases exceeding max age
- Detect & correct Storage accounts without lifecycle policy
- Detect & correct Compute virtual machine scale sets if unused
Detect & correct unused Virtual network gateways
Overview
Virtual Network gateways can be quite costly to retain, it is also likely that after a certain point in time they're no longer required and should be cleaned up to prevent further costs.
This pipeline detects virtual network gateways exceeding max age and then either sends a notification or attempts to perform a predefined corrective action.
Getting Started
This control will work out-of-the-box with some sensible defaults (configurable via variables).
You should be able to simply run the following command in your terminal:
flowpipe pipeline run detect_and_correct_network_virtual_network_gateways_if_unusedBy default, Flowpipe runs in wizard mode and prompts directly in the terminal for a decision on the action(s) to take for each detected resource.
However, you can run Flowpipe in server mode with external integrations, allowing it to prompt for input via http, slack, teams, etc.
Alternatively, you can choose to configure and run in other modes:
Query
select concat(g.id, ' [', g.resource_group, '/', g.subscription_id) as title, g.id, g.name, g.resource_group, g.subscription_id, g.sp_connection_name as connfrom azure_virtual_network_gateway as g, azure_subscription as subwhere g.gateway_connections is null and sub.subscription_id = g.subscription_id;Schedule
15m