Merge branch 'main' into main

Azure · Oct 10, 2023 · b5291ed · b5291ed
2 parents 47f05fb + d0ef576
commit b5291ed
Show file tree

Hide file tree

Showing 10 changed files with 95 additions and 0 deletions.
diff --git a/docs/content/services/compute/virtual-machine-scale-sets/_index.md b/docs/content/services/compute/virtual-machine-scale-sets/_index.md
@@ -226,6 +226,7 @@ When you create your VMSS, use availability zones to protect your applications a
 **Resources**
 
 - [Create a Virtual Machine Scale Set that uses Availability Zones](https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-use-availability-zones)
+- [Update scale set to add availability zones](https://learn.microsoft.com/azure/virtual-machine-scale-sets/virtual-machine-scale-sets-use-availability-zones?tabs=cli-1%2Cportal-2#update-scale-set-to-add-availability-zones)
 
 **Resource Graph Query/Scripts**
 

diff --git a/docs/content/services/container/azure-container-registry/_index.md b/docs/content/services/container/azure-container-registry/_index.md
@@ -128,6 +128,14 @@ Some characteristics of your images themselves can impact pull performance:
 
 - [Registry authentication options - Azure Container Registry](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-authentication?tabs=azure-cli#admin-account)
 
+**Resource Graph Query/Scripts**
+
+{{< collapse title="Show/Hide Query/Script" >}}
+
+{{< code lang="sql" file="code/cr-4/cr-4.kql" >}} {{< /code >}}
+
+{{< /collapse >}}
+
 <br><br>
 
 ### CR-5 - Use Repository namespaces
@@ -144,6 +152,13 @@ By using repository namespaces, you can allow sharing a single registry across m
 
 - [Registry best practices - use repository namespaces](https://learn.microsoft.com/en-us/azure/container-registry/container-registry-best-practices#repository-namespaces)
 
+**Resource Graph Query/Scripts**
+
+{{< collapse title="Show/Hide Query/Script" >}}
+
+{{< code lang="sql" file="code/cr-5/cr-5.kql" >}} {{< /code >}}
+
+{{< /collapse >}}
 <br><br>
 
 ### CR-6 - Move Container Registry to a dedicated resource group
@@ -263,6 +278,13 @@ Resource Logs are not collected and stored until you create a diagnostic setting
 - [Monitoring Azure Container Registry data reference - Resource Logs](https://learn.microsoft.com/en-us/azure/container-registry/monitor-service-reference#resource-logs)
 - [Monitor Azure Container Registry - Enable diagnostic logs](https://learn.microsoft.com/en-us/azure/container-registry/monitor-service#collection-and-routing)
 
+**Resource Graph Query/Scripts**
+
+{{< collapse title="Show/Hide Query/Script" >}}
+
+{{< code lang="sql" file="code/cr-10/cr-10.kql" >}} {{< /code >}}
+
+{{< /collapse >}}
 <br><br>
 
 ### CR-11 - Monitor Azure Container Registry with Azure Monitor
@@ -279,6 +301,15 @@ When you have critical applications and business processes relying on Azure reso
 
 - [Monitoring Azure Container Registry data reference](https://learn.microsoft.com/en-us/azure/container-registry/monitor-service-reference#metrics)
 - [Monitor Azure Container Registry](https://learn.microsoft.com/en-us/azure/container-registry/monitor-service)
+
+**Resource Graph Query/Scripts**
+
+{{< collapse title="Show/Hide Query/Script" >}}
+
+{{< code lang="sql" file="code/cr-11/cr-11.kql" >}} {{< /code >}}
+
+{{< /collapse >}}
+
 <br><br>
 
 ### CR-12 - Enable soft delete policy

diff --git a/docs/content/services/container/azure-container-registry/code/cr-10/cr-10.kql b/docs/content/services/container/azure-container-registry/code/cr-10/cr-10.kql
@@ -0,0 +1 @@
+// cannot-be-validated-with-arg
diff --git a/docs/content/services/container/azure-container-registry/code/cr-11/cr-11.kql b/docs/content/services/container/azure-container-registry/code/cr-11/cr-11.kql
@@ -0,0 +1 @@
+// cannot-be-validated-with-arg
diff --git a/docs/content/services/container/azure-container-registry/code/cr-4/cr-4.kql b/docs/content/services/container/azure-container-registry/code/cr-4/cr-4.kql
@@ -0,0 +1 @@
+// cannot-be-validated-with-arg
diff --git a/docs/content/services/container/azure-container-registry/code/cr-5/cr-5.kql b/docs/content/services/container/azure-container-registry/code/cr-5/cr-5.kql
@@ -0,0 +1 @@
+// cannot-be-validated-with-arg
diff --git a/docs/content/services/integration/event-hub/_index.md b/docs/content/services/integration/event-hub/_index.md
@@ -0,0 +1,50 @@
++++
+title = "Event Hub"
+description = "Best practices and resiliency recommendations for Event Hub and associated resources and settings."
+date = "10/6/23"
+author = "ejhenry"
+msAuthor = "ejhenry"
+draft = false
++++
+
+The presented resiliency recommendations in this guidance include Event Hub and associated resources and settings.
+
+## Summary of Recommendations
+
+{{< table style="table-striped" >}}
+| Recommendation                                    |  Category                                                               |  Impact         |  State            | ARG Query Available |
+| :------------------------------------------------ | :---------------------------------------------------------------------: | :------:        | :------:          | :-----------------: |
+| [EVHNS-1 - Enable zone redundancy for Event Hub namespace](#evhns-1---enable-zone-redundancy-for-event-hub-namespace) | High Availability | High | Preview  |         Yes         |
+{{< /table >}}
+
+{{< alert style="info" >}}
+
+Definitions of states can be found [here]({{< ref "../../../_index.md#definitions-of-terms-used-in-aprl">}})
+
+{{< /alert >}}
+
+## Recommendations Details
+
+### EVHNS-1 - Enable zone redundancy for Event Hub namespace
+
+**Category: Availability**
+
+**Impact: High**
+
+**Recommendation**
+
+Event Hubs supports Availability Zones, providing fault-isolated locations within an Azure region. The Availability Zones support is only available in Azure regions with availability zones. Both metadata and data (events) are replicated across data centers in the availability zone.
+
+**Resources**
+
+- [Azure Event Hubs - Geo-disaster recovery](https://learn.microsoft.com/azure/event-hubs/event-hubs-geo-dr?tabs=portal#availability-zones)
+
+**Resource Graph Query/Scripts**
+
+{{< collapse title="Show/Hide Query/Script" >}}
+
+{{< code lang="sql" file="code/evhns-1/evhns-1.kql" >}} {{< /code >}}
+
+{{< /collapse >}}
+
+<br><br>
diff --git a/docs/content/services/integration/event-hub/code/evhns-1/evhns-1.azcli b/docs/content/services/integration/event-hub/code/evhns-1/evhns-1.azcli
@@ -0,0 +1 @@
+:: under-development
diff --git a/docs/content/services/integration/event-hub/code/evhns-1/evhns-1.kql b/docs/content/services/integration/event-hub/code/evhns-1/evhns-1.kql
@@ -0,0 +1,7 @@
+// Azure Resource Graph Query
+// Find Event Hub namespace instances that are not zone redundant
+resources
+| where type == "microsoft.eventhub/namespaces"
+| where properties.zoneRedundant == false
+| project recommendationId = "evhns-1", name, id, param1 = "ZoneRedundant: False"
+| order by id asc
diff --git a/docs/content/services/integration/event-hub/code/evhns-1/evhns-1.ps1 b/docs/content/services/integration/event-hub/code/evhns-1/evhns-1.ps1
@@ -0,0 +1 @@
+# under-development