Control types for @turbot/azure-compute

• Azure > Compute > Availability Set > Active
• Azure > Compute > Availability Set > Approved
• Azure > Compute > Availability Set > CMDB
• Azure > Compute > Availability Set > Discovery
• Azure > Compute > Availability Set > Tags
• Azure > Compute > Disk > Active
• Azure > Compute > Disk > Approved
• Azure > Compute > Disk > CMDB
• Azure > Compute > Disk > Discovery
• Azure > Compute > Disk > Tags
• Azure > Compute > Disk Encryption Set > Active
• Azure > Compute > Disk Encryption Set > Approved
• Azure > Compute > Disk Encryption Set > CMDB
• Azure > Compute > Disk Encryption Set > Discovery
• Azure > Compute > Disk Encryption Set > Tags
• Azure > Compute > Image > Active
• Azure > Compute > Image > Approved
• Azure > Compute > Image > CMDB
• Azure > Compute > Image > Discovery
• Azure > Compute > Image > Tags
• Azure > Compute > Snapshot > Active
• Azure > Compute > Snapshot > Approved
• Azure > Compute > Snapshot > CMDB
• Azure > Compute > Snapshot > Discovery
• Azure > Compute > Snapshot > Tags
• Azure > Compute > Ssh Public Key > Active
• Azure > Compute > Ssh Public Key > Approved
• Azure > Compute > Ssh Public Key > CMDB
• Azure > Compute > Ssh Public Key > Discovery
• Azure > Compute > Ssh Public Key > Tags
• Azure > Compute > Virtual Machine > Active
• Azure > Compute > Virtual Machine > Approved
• Azure > Compute > Virtual Machine > CMDB
• Azure > Compute > Virtual Machine > Discovery
• Azure > Compute > Virtual Machine > Schedule
• Azure > Compute > Virtual Machine > Tags
• Azure > Compute > Virtual Machine Scale Set > Active
• Azure > Compute > Virtual Machine Scale Set > Approved
• Azure > Compute > Virtual Machine Scale Set > CMDB
• Azure > Compute > Virtual Machine Scale Set > Discovery
• Azure > Compute > Virtual Machine Scale Set > Tags

Azure > Compute > Availability Set > Active

Take an action when an Azure Compute availability set is not active based on the
Azure > Compute > Availability Set > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Availability Set > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Availability Set > Approved

Take an action when an Azure Compute availability set is not approved based on Azure > Compute > Availability Set > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Availability Set > CMDB

Record and synchronize details for the Azure Compute availability set into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Availability Set > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Availability Set > Discovery

Discover all Azure Compute availability set resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Availability Set > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Availability Set > Tags

Take an action when an Azure Compute availability set tags is not updated based on the Azure > Compute > Availability Set > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Availability Set > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Disk > Active

Take an action when an Azure Compute disk is not active based on the
Azure > Compute > Disk > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Disk > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Disk > Approved

Take an action when an Azure Compute disk is not approved based on Azure > Compute > Disk > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Disk > CMDB

Record and synchronize details for the Azure Compute disk into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Disk > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Disk > Discovery

Discover all Azure Compute disk resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Disk > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Disk > Tags

Take an action when an Azure Compute disk tags is not updated based on the Azure > Compute > Disk > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Disk > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Disk Encryption Set > Active

Take an action when an Azure Compute disk encryption set is not active based on the
Azure > Compute > Disk Encryption Set > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Disk Encryption Set > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Disk Encryption Set > Approved

Take an action when an Azure Compute disk encryption set is not approved based on Azure > Compute > Disk Encryption Set > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Disk Encryption Set > CMDB

Record and synchronize details for the Azure Compute disk encryption set into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Disk Encryption Set > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Disk Encryption Set > Discovery

Discover all Azure Compute disk encryption set resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Disk Encryption Set > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Disk Encryption Set > Tags

Take an action when an Azure Compute disk encryption set tags is not updated based on the Azure > Compute > Disk Encryption Set > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Disk Encryption Set > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Image > Active

Take an action when an Azure Compute image is not active based on the
Azure > Compute > Image > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Image > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Image > Approved

Take an action when an Azure Compute image is not approved based on Azure > Compute > Image > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Image > CMDB

Record and synchronize details for the Azure Compute image into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Image > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Image > Discovery

Discover all Azure Compute image resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Image > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Image > Tags

Take an action when an Azure Compute image tags is not updated based on the Azure > Compute > Image > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Image > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Snapshot > Active

Take an action when an Azure Compute snapshot is not active based on the
Azure > Compute > Snapshot > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Snapshot > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Snapshot > Approved

Take an action when an Azure Compute snapshot is not approved based on Azure > Compute > Snapshot > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Snapshot > CMDB

Record and synchronize details for the Azure Compute snapshot into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Snapshot > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Snapshot > Discovery

Discover all Azure Compute snapshot resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Snapshot > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Snapshot > Tags

Take an action when an Azure Compute snapshot tags is not updated based on the Azure > Compute > Snapshot > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Snapshot > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Ssh Public Key > Active

Take an action when an Azure Compute ssh public key is not active based on the
Azure > Compute > Ssh Public Key > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Ssh Public Key > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Ssh Public Key > Approved

Take an action when an Azure Compute ssh public key is not approved based on Azure > Compute > Ssh Public Key > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Ssh Public Key > CMDB

Record and synchronize details for the Azure Compute ssh public key into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Ssh Public Key > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Ssh Public Key > Discovery

Discover all Azure Compute ssh public key resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Ssh Public Key > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Ssh Public Key > Tags

Take an action when an Azure Compute ssh public key tags is not updated based on the Azure > Compute > Ssh Public Key > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Ssh Public Key > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Virtual Machine > Active

Take an action when an Azure Compute virtual machine is not active based on the
Azure > Compute > Virtual Machine > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Virtual Machine > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Virtual Machine > Approved

Take an action when an Azure Compute virtual machine is not approved based on Azure > Compute > Virtual Machine > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Virtual Machine > CMDB

Record and synchronize details for the Azure Compute virtual machine into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Virtual Machine > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Virtual Machine > Discovery

Discover all Azure Compute virtual machine resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Virtual Machine > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Virtual Machine > Schedule

Set a schedule for starting and stopping an Azure Compute virtual machine.

Note If both "Schedule" and "Schedule Tag" are set to enforce and the
virtual machine has a turbot_custom_schedule tag, then the schedule specified by
the tag will be in effect.

Azure > Compute > Virtual Machine > Tags

Take an action when an Azure Compute virtual machine tags is not updated based on the Azure > Compute > Virtual Machine > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Virtual Machine > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.

Azure > Compute > Virtual Machine Scale Set > Active

Take an action when an Azure Compute virtual machine scale set is not active based on the
Azure > Compute > Virtual Machine Scale Set > Active > * policies.

The Active control determines whether the resource is in active use, and if not, has
the ability to delete / cleanup the resource. When running an automated compliance
environment, it's common to end up with a wide range of alarms that are difficult
and time consuming to clear. The Active control brings automated, well-defined
control to this process.

The Active control checks the status of all defined Active policies for the
resource (Azure > Compute > Virtual Machine Scale Set > Active > *),
raises an alarm, and takes the defined enforcement action. Each Active
sub-policy can calculate a status of active, inactive or skipped. Generally,
if the resource appears to be Active for any reason it will be considered Active.

Note: In contrast with Approved, where if the resource appears to be Unapproved
for any reason it will be considered Unapproved.

See Active for more information.

Azure > Compute > Virtual Machine Scale Set > Approved

Take an action when an Azure Compute virtual machine scale set is not approved based on Azure > Compute > Virtual Machine Scale Set > Approved > * policies.

The Approved control checks the status of the defined Approved sub-policies for the resource. If the resource is not approved according to any of these policies, this control raises an alarm and takes the defined enforcement action.

For any enforcement actions that specify if new, e.g., Enforce: Delete unapproved if new, this control will only take the enforcement actions for resources created within the last 60 minutes.

See Approved for more information.

Azure > Compute > Virtual Machine Scale Set > CMDB

Record and synchronize details for the Azure Compute virtual machine scale set into the CMDB.

The CMDB control is
responsible for populating and updating all the attributes for that
resource type in the Guardrails CMDB.

Note: If CMDB is set to Skip for a resource, then it will not be added
to the CMDB, and no controls that target it will run.

CMDB controls also use the Regions policy associated with the resource. If
region is not in Azure > Compute > Virtual Machine Scale Set > Regions policy, the CMDB control will delete the
resource from the CMDB.

Azure > Compute > Virtual Machine Scale Set > Discovery

Discover all Azure Compute virtual machine scale set resources and add them to the CMDB.

The Discovery control is responsible for finding resources of a specific type. It periodically searches for new resources and saves them to the CMDB. Once discovered, resources are then responsible for tracking changes to themselves through the CMDB control.

Note: Discovery and CMDB controls also use the Regions policy associated with the resource. If the region is not in Azure > Compute > Virtual Machine Scale Set > Regions policy, the CMDB control will delete the resource from the CMDB.

Azure > Compute > Virtual Machine Scale Set > Tags

Take an action when an Azure Compute virtual machine scale set tags is not updated based on the Azure > Compute > Virtual Machine Scale Set > Tags > * policies.

If the resource is not updated with the tags defined in Azure > Compute > Virtual Machine Scale Set > Tags > Template, this control raises an alarm and takes the defined enforcement action.

See Tags for more information.