Merge branch 'avd-updates' of https://github.com/moisesjgomez/Azure-P…

…roactive-Resiliency-Library into avd-updates

docs/content/services/compute/virtual-machine-scale-sets/_index.md

@@ -23,7 +23,7 @@ The presented resiliency recommendations in this guidance include Virtual Machin
 | [VMSS-7 - Configure Allocation Policy Spreading algorithm to Max Spreading](#vmss-7---configure-allocation-policy-spreading-algorithm-to-max-spreading) | System Efficiency | Medium | Preview | Yes |
 | [VMSS-8 - Deploy VMSS across availability zones with VMSS Flex](#vmss-8---deploy-vmss-across-availability-zones-with-vmss-flex) | Availability | High | Verified | Yes |
 | [VMSS-9 - Set Patch orchestration options to Azure-orchestrated](#vmss-9---set-patch-orchestration-options-to-azure-orchestrated) | Automation | Low | Verified | Yes |
-| [VMSS-10 - Upgrade VMSS Image versions scheduled to be deprecated or already retired](#vmss-10---upgrade-vmss-image-versions-scheduled-to-be-deprecated-or-already-retired) | Governance | High | Preview | Yes |
+| [VMSS-10 - Upgrade VMSS Image versions scheduled to be deprecated or already retired](#vmss-10---upgrade-vmss-image-versions-scheduled-to-be-deprecated-or-already-retired) | Governance | High | Preview | No |
 | [VMSS-11 - Production VMSS instances should be using SSD disks](#vmss-11---production-vmss-instances-should-be-using-ssd-disks) | System Efficiency | High | Verified | Yes |
 
 {{< /table >}}

docs/content/services/compute/virtual-machine-scale-sets/code/vmss-10/vmss-10.kql

@@ -1,7 +1 @@
-// Azure Resource Graph Query
-// This query will check if the VMSS are currently using the latest image.  If not the Image reference will be empty
-resources
-| where type == "microsoft.compute/virtualmachinescalesets"
-| extend VMSSName = name
-| extend ImageReference = tostring(properties.virtualMachineProfile.storageProfile.imageReference.version)
-| project recommendationId="vmss-10",name,id, tags, param1="ImageReference"
+//cannot be validated with arg

docs/content/services/database/cosmosdb/_index.md

@@ -14,11 +14,11 @@ The presented resiliency recommendations in this guidance include Cosmos DB and
 {{< table style="table-striped" >}}
 | Recommendation                                                                                                                                                                                  |        Category        | Impact |  State  | ARG Query Available |
 |:------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------:|:------:|:-------:|:-------------------:|
-| [COSMOS-1 - Configure at least two regions for high availability](#cosmos-1---configure-at-least-two-regions-for-high-availability)                                                             |      Availability      |  High  | Preview |         Yes         |
-| [COSMOS-2 - Enable service-managed failover for multi-region accounts with single write region](#cosmos-2---enable-service-managed-failover-for-multi-region-accounts-with-single-write-region) |   Disaster Recovery    |  High  | Preview |         Yes          |
-| [COSMOS-3 - Evaluate multi-region write capability](#cosmos-3---evaluate-multi-region-write-capability)                                                                                         |   Disaster Recovery    |  High  | Preview |         Yes         |
+| [COSMOS-1 - Configure at least two regions for high availability](#cosmos-1---configure-at-least-two-regions-for-high-availability)                                                             |      Availability      |  High  | Verified |         Yes         |
+| [COSMOS-2 - Enable service-managed failover for multi-region accounts with single write region](#cosmos-2---enable-service-managed-failover-for-multi-region-accounts-with-single-write-region) |   Disaster Recovery    |  High  | Verified |         Yes          |
+| [COSMOS-3 - Evaluate multi-region write capability](#cosmos-3---evaluate-multi-region-write-capability)                                                                                         |   Disaster Recovery    |  High  | Verified |         Yes         |
 | [COSMOS-4 - Choose appropriate consistency mode reflecting data durability requirements](#cosmos-4---choose-appropriate-consistency-mode-reflecting-data-durability-requirements)               |   Disaster Recovery    |  High  | Preview |         No          |
-| [COSMOS-5 - Configure continuous backup mode](#cosmos-5---configure-continuous-backup-mode)                                                                                                     |   Disaster Recovery    |  High  | Preview |         Yes         |
+| [COSMOS-5 - Configure continuous backup mode](#cosmos-5---configure-continuous-backup-mode)                                                                                                     |   Disaster Recovery    |  High  | Verified |         Yes         |
 | [COSMOS-6 - Ensure query results are fully drained](#cosmos-6---ensure-query-results-are-fully-drained)                                                                                         |   System Efficiency    |  High  | Preview |         No          |
 | [COSMOS-7 - Maintain singleton pattern in your client](#cosmos-7---maintain-singleton-pattern-in-your-client)                                                                                   |   System Efficiency    | Medium | Preview |         No          |
 | [COSMOS-8 - Implement retry logic in your client](#cosmos-8---implement-retry-logic-in-your-client)                                                                                             | Application Resilience | Medium | Preview |         No          |

docs/content/services/networking/expressroute-gateway/code/ergw-1/ergw-1.kql

@@ -5,28 +5,28 @@
 (resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend exrGatewayId = tostring(id)
+| extend exrGatewayId = tolower(tostring(id))
 | join kind=inner(
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend exrGatewayId = tostring(id)
+| extend exrGatewayId = tolower(tostring(id))
 | join kind=leftouter(
 //connections joined with circuit peer info
 resources
 | where type == "microsoft.network/connections"
 | extend connectionType = properties.connectionType
-| extend exrGatewayId = tostring(properties.virtualNetworkGateway1.id)
-| extend peerId = tostring(properties.peer.id)
-| extend connectionId = tostring(id)
+| extend exrGatewayId = tolower(tostring(properties.virtualNetworkGateway1.id))
+| extend peerId = tolower(tostring(properties.peer.id))
+| extend connectionId = tolower(tostring(id))
 | where connectionType == "ExpressRoute"
 | join kind=leftouter(
   resources
   | where type == "microsoft.network/expressroutecircuits"
     //should this be location instead of peeringLocation
-  | extend circuitId = tostring(id)
+  | extend circuitId = tolower(tostring(id))
   | extend peeringLocation = tostring(properties.serviceProviderProperties.peeringLocation)
-  | extend peerId = id
+  | extend peerId = tolower(id)
 ) on peerId ) on exrGatewayId
 //remove bare metal services connections/circuits
 | where not(isnotnull(connectionId) and isnull(sku1))
@@ -41,15 +41,15 @@ resources
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend exrGatewayId = tostring(id)
+| extend exrGatewayId = tolower(tostring(id))
 | join kind=leftouter(
 //connections joined with circuit peer info
 resources
 | where type == "microsoft.network/connections"
 | extend connectionType = properties.connectionType
-| extend exrGatewayId = tostring(properties.virtualNetworkGateway1.id)
-| extend peerId = tostring(properties.peer.id)
-| extend connectionId = tostring(id)
+| extend exrGatewayId = tolower(tostring(properties.virtualNetworkGateway1.id))
+| extend peerId = tolower(tostring(properties.peer.id))
+| extend connectionId = tolower(tostring(id))
 | where connectionType == "ExpressRoute") on exrGatewayId
 | where isnull(connectionType)
 | project recommendationId = "ergw-1", name, id, tags, param1 = "twoOrMoreCircuitsConnectedFromDifferentPeeringLocations: false", param2 = "noConnectionsOnGateway: true"

docs/content/services/networking/expressroute-gateway/code/ergw-2/ergw-2.kql

@@ -4,5 +4,5 @@ resources
 | where type =~ "Microsoft.Network/virtualNetworkGateways"
 | where properties.gatewayType == "ExpressRoute"
 | where properties.sku.tier !contains 'AZ'
-| project recommendationId = "ergw-1", name, id, tags, param1= strcat("sku-tier: " , properties.sku.tier), param2=location
+| project recommendationId = "ergw-2", name, id, tags, param1= strcat("sku-tier: " , properties.sku.tier), param2=location
 | order by id asc

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.1.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | project gatewayId, name, id, tags, skuName
 | join kind=leftouter(
@@ -14,7 +14,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.2.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | extend routesLearnedPerSku = case(skuName == 'Standard', 4000,
                                     skuName == 'ErGw1AZ', 4000,
@@ -22,7 +22,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.3.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | project gatewayId, name, id, tags, skuName
 | join kind=leftouter(
@@ -14,7 +14,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.4.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | project gatewayId, name, id, tags, skuName
 | join kind=leftouter(
@@ -14,7 +14,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.5.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | extend packetsPerSecondSku = case(skuName == 'Standard', 100000,
                                     skuName == 'ErGw1AZ', 100000,
@@ -22,7 +22,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.6.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | extend flowsPerSku = case(skuName == 'Standard', 100000,
                                     skuName == 'ErGw1AZ', 100000,
@@ -22,7 +22,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/expressroute-gateway/code/ergw-4/ergw-4.7.kql

@@ -4,7 +4,7 @@
 resources
 | where type == "microsoft.network/virtualnetworkgateways"
 | where properties.gatewayType == "ExpressRoute"
-| extend gatewayId = tostring(id)
+| extend gatewayId = tolower(tostring(id))
 | extend skuName = properties.sku.name
 | extend maxVMsPerSku = case(skuName == 'Standard', 2000,
                                     skuName == 'ErGw1AZ', 2000,
@@ -22,7 +22,7 @@ resources
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
 | where alertProperties.enabled == true
-| extend gatewayId = tostring(alertProperties_scopes)
+| extend gatewayId = tolower(tostring(alertProperties_scopes))
 | extend criterionType = alertProperties_criteria_allOf.criterionType
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend metricNamespace = alertProperties_criteria_allOf.metricNamespace

docs/content/services/networking/front-door/_index.md

@@ -22,7 +22,7 @@ The below table shows the list of resiliency recommendations for Front Door and
 | [AFD-4 - Configure logs](#afd-4---configure-logs)                                                                                                                   |    Monitoring     | Medium | Verified |         No          |
 | [AFD-5 - Use end-to-end TLS](#afd-5---use-end-to-end-tls)                                                                                                           |     Security      |  High  | Verified |         No          |
 | [AFD-6 - Use HTTP to HTTPS redirection](#afd-6---use-http-to-https-redirection)                                                                                     | Access & Security |  High  | Verified |         No          |
-| [AFD-7 - Use managed TLS certificates](#afd-7---use-managed-tls-certificates)                                                                                       | Access & Security | Medium | Verified |         No          |
+| [AFD-7 - Use managed TLS certificates](#afd-7---use-managed-tls-certificates)                                                                                       | Access & Security |  High  | Verified |         No          |
 | [AFD-8 - Use latest version for customer-managed certificates](#afd-8---use-latest-version-for-customer-managed-certificates)                                       | Access & Security | Medium | Verified |         No          |
 | [AFD-9 - Use the same domain name on Front Door and your origin](#afd-9---use-the-same-domain-name-on-front-door-and-your-origin)                                   |    Networking     | Medium | Verified |         No          |
 | [AFD-10 - Enable the WAF](#afd-10---enable-the-waf)                                                                                                                 | Access & Security | Medium | Verified |         No          |
@@ -204,7 +204,7 @@ You can configure Front Door to automatically redirect HTTP requests to use the
 
 **Category: Access & Security**
 
-**Impact: Medium**
+**Impact: High**
 
 **Guidance**
 

docs/content/services/specialized-workloads/azure-vmware-solution/code/avs-1/avs-1.kql

@@ -3,7 +3,8 @@
 //full list of private clouds
 (resources
 | where ['type'] == "microsoft.avs/privateclouds"
-| extend locale = location
+| extend locale = tolower(location)
+| extend subscriptionId = tolower(subscriptionId)
 | project id, name, tags, subscriptionId, locale)
 | join kind=leftouter
 //Alert ID's that include all incident types filtered by AVS Service Health alerts
@@ -20,6 +21,7 @@
 //Alert ID's that include only some of the incident types after filtering by service health alerts covering AVS private clouds.
 (resources
 | where type == "microsoft.insights/activitylogalerts"
+| extend subscriptionId = tolower(subscriptionId)
 | extend alertproperties = todynamic(properties)
 | where alertproperties.condition.allOf[0].field == "category" and alertproperties.condition.allOf[0].equals == "ServiceHealth"
 | where alertproperties.condition.allOf[2].field == "properties.impactedServices[*].ServiceName" and set_has_element(alertproperties.condition.allOf[2].containsAny, "Azure VMware Solution")

docs/content/services/specialized-workloads/azure-vmware-solution/code/avs-3/avs-3.kql

@@ -3,15 +3,15 @@
 (
 resources
 | where ['type'] == "microsoft.avs/privateclouds"
-| extend scopeId = tostring(id)
+| extend scopeId = tolower(tostring(id))
 | project ['scopeId'], name, id, tags
 | join kind=leftouter (
 resources
 | where type == "microsoft.insights/metricalerts"
 | extend alertProperties = todynamic(properties)
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
-| extend scopeId = tostring(alertProperties_scopes)
+| extend scopeId = tolower(tostring(alertProperties_scopes))
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend threshold = alertProperties_criteria_allOf.threshold
 | project scopeId, tostring(metric), toint(['threshold'])
@@ -24,15 +24,15 @@ resources
 | union (
 resources
 | where ['type'] == "microsoft.avs/privateclouds"
-| extend scopeId = tostring(id)
+| extend scopeId = tolower(tostring(id))
 | project ['scopeId'], name, id, tags
 | join kind=leftouter (
 resources
 | where type == "microsoft.insights/metricalerts"
 | extend alertProperties = todynamic(properties)
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
-| extend scopeId = tostring(alertProperties_scopes)
+| extend scopeId = tolower(tostring(alertProperties_scopes))
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend threshold = alertProperties_criteria_allOf.threshold
 | project scopeId, tostring(metric), toint(['threshold'])

docs/content/services/specialized-workloads/azure-vmware-solution/code/avs-5/avs-5.kql

@@ -2,15 +2,15 @@
 // Provides a list of Azure VMware Solution resources that don't have a Cluster CPU capacity critical alert with a threshold of 95%.
 resources
 | where ['type'] == "microsoft.avs/privateclouds"
-| extend scopeId = tostring(id)
+| extend scopeId = tolower(tostring(id))
 | project ['scopeId'], name, id, tags
 | join kind=leftouter (
 resources
 | where type == "microsoft.insights/metricalerts"
 | extend alertProperties = todynamic(properties)
 | mv-expand alertProperties.scopes
 | mv-expand alertProperties.criteria.allOf
-| extend scopeId = tostring(alertProperties_scopes)
+| extend scopeId = tolower(tostring(alertProperties_scopes))
 | extend metric = alertProperties_criteria_allOf.metricName
 | extend threshold = alertProperties_criteria_allOf.threshold
 | project scopeId, tostring(metric), toint(['threshold'])