standard
turbot/azure_thrifty
- Detect & correct App Service plans if unused
- Detect & correct Compute disks attached to stopped VMs
- Detect & correct Compute unattached disks
- Detect & correct Compute disks with high IOPS
- Detect & correct Compute disks with low usage
- Detect & correct Compute snapshots exceeding max age
- Detect & correct Compute snapshots with premium storage
- Detect & correct Compute virtual machines
- Detect & correct Compute virtual machine with low utilization
- Detect & correct Compute disks exceeding max size
- Detect & correct HDInsight clusters exceeding max age
- Detect & correct Kubernetes clusters exceeding max age
- Detect & correct Kusto clusters exceeding max age
- Detect & correct Kusto clusters without autoscaling
- Detect & correct Monitor log profiles without retention policy
- Detect & correct Network application gateways without autoscaling
- Detect & correct Network load balancers if unused
- Detect & correct Network NAT gateways if unused
- Detect & correct Network unattached public IPs
- Detect & correct Network virtual network gateways if unused
- Detect & correct Service Fabric clusters exceeding max age
- Detect & correct SQL databases exceeding max age
- Detect & correct Storage accounts without lifecycle policy
- Detect & correct Compute virtual machine scale sets if unused
Get Involved
Version
Detect & correct Storage account without lifecycle policy
Overview
Storage accounts can be quite costly to retain, it is also likely that after a certain point in time they're no longer required and should be cleaned up to prevent further costs.
This query trigger detects storage account without lifecycle policy and then either sends a notification or attempts to perform a predefined corrective action.
Getting Started
By default, this trigger is disabled, however it can be configured by setting the below variables
storage_accounts_without_lifecycle_policy_trigger_enabled
should be set totrue
as the default isfalse
.storage_accounts_without_lifecycle_policy_trigger_enabled
should be set to your desired running schedulestorage_accounts_without_lifecycle_policy_default_action
should be set to your desired action (i.e."notify"
for notifications or"delete_storage_account"
to delete the snapshot).
Then starting the server:
flowpipe server
or if you've set the variables in a .fpvars
file:
flowpipe server --var-file=/path/to/your.fpvars
Query
select concat( ac.id, ' [', ac.resource_group, '/', ac.subscription_id, ']' ) as title, ac.id as resource, ac.name, ac.subscription_id, ac.resource_group, ac.title, ac.sp_connection_name as connfrom azure_storage_account as ac left join azure_subscription as sub on ac.subscription_id = sub.subscription_idwhere ( ac.lifecycle_management_policy -> 'properties' -> 'policy' -> 'rules' ) is null;
Schedule
15m
Tags
category = Cost
class = unused
plugin = azure
service = Azure/Storage