Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixing compliance evaluation issues #192

Merged
merged 10 commits into from
May 13, 2024
Merged

Fixing compliance evaluation issues #192

merged 10 commits into from
May 13, 2024

Conversation

Brunoga-MS
Copy link
Collaborator

@Brunoga-MS Brunoga-MS commented Apr 15, 2024
edited
Loading

Overview/Summary

The compliance evaluation for the following alerts is not evaluated correctly despite the corresponding alerts were created correctly:

  • Deploy KeyVault Requests Alert
  • Deploy VNetG Ingress Packet Drop Mismatch Alert
  • Deploy VNetG Ingress Packet Drop Count Alert
  • Deploy VNetG Egress Packet Drop Mismatch Alert
  • Deploy VNetG Egress Packet Drop Count Alert

image

Reason why, is a wrong value for the minFailingPeriodsToAlert and numberOfEvaluationPeriods fields.

image

After correction, with a simple AMBA re-deployment and without running the remediation again if already executed, the resources appear compliant

image

Remediation tasks for alerts Deploy AGW BackendLastByteResponseTime and Deploy AGW ApplicationGatewayTotalTime are failing see GH Issue #194) because the value for timeAggregation is set to Total which is not allowed. Allowed values are Average and Maximum as per error message:

{"code":"BadRequest","message":"Time aggregation must be one of [Average, Maximum]. Activity ID: 2f08dc2e-10ce-470c-ae4a-5686252aaedc."}

Given the alerts being using dynamic thresholds, changing the value to Average, will make the remediation tasks successful:
image

image

image

This PR fixes/adds/changes/removes

  1. Changes the value of field minFailingPeriodsToAlert and numberOfEvaluationPeriods in the existenceCondition for the above alerts from 2 to 4 to fix the compliance evaluation issue. This is related to the following bugs in ADO #34468 and #34469
  2. *Changes the value of timeAggregation to Average for both Deploy AGW BackendLastByteResponseTime and Deploy AGW ApplicationGatewayTotalTime policy definitions. See GH Issue [Question/Feedback]: AGW Alert Deploy Failed for "Deploy AGW BackendLastByteResponseTime" and “Deploy AGW ApplicationGatewayTotalTime”  #194 and ADO bug #34697 *

Breaking Changes

  1. NONE

As part of this Pull Request I have

  • Read the Contribution Guide and ensured this PR is compliant with the guide
  • Checked for duplicate Pull Requests
  • Associated it with relevant GitHub Issues or ADO Work Items (Internal Only)
  • Ensured my code/branch is up-to-date with the latest changes in the main branch
  • Ensured PR tests are passing
  • Updated relevant and associated documentation (e.g. Contribution Guide, Docs etc.)

@Brunoga-MS Brunoga-MS requested a review from arjenhuitema April 15, 2024 11:15
@Brunoga-MS Brunoga-MS linked an issue Apr 16, 2024 that may be closed by this pull request
[Question/Feedback]: AGW Alert Deploy Failed for "Deploy AGW BackendLastByteResponseTime" and “Deploy AGW ApplicationGatewayTotalTime” #194
Closed
1 task
arjenhuitema
arjenhuitema reviewed May 13, 2024
View reviewed changes
Copy link
Contributor

@arjenhuitema arjenhuitema left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@arjenhuitema arjenhuitema merged commit aad6bf2 into Azure:main May 13, 2024
1 of 3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arjenhuitema arjenhuitema arjenhuitema approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
2 participants
@Brunoga-MS @arjenhuitema