Creating Azure Service Health Alerts in PowerShell

Azure Service Health provides you with an interactive dashboard that primarily tracks the health of your Azure Services in the regions that you have deployed to. There are three types of health events that are tracked:

  • Health Advisories:- Changes in Azure Services that require your attention, such as quota usage being exceeded or Azure resources becoming deprecated
  • Planned maintenance:- Scheduled maintenance that Azure are planning to services in future.
  • Service Issues:- Azure resources that are having issues which are affecting your environment(s)

With this, you may want to be alerted by any health events mentioned above. In this blog, I will be showing how to do this, using ARM template along with PowerShell.

Pre-requisite

Before deploying, we need to have an action group created.

Action Groups within Azure are a group of notification preferences and/or actions which are used by both Azure Monitor and service alerts. They can be defined in various ways depending on the environment you are working on, whether one action group is used for all alerts or action groups are split into different alerting scenarios..

Further information on Azure Action Groups and how to deploy, can be found in my blog: Azure Action Groups:- What are they?

The Deployment

Why ARM and not just PowerShell?

As of writing this blog – using the new cmdlet Set-AzActivityLogAlert did not work when trying to define specific regions & services using “properties.impactedServices[].ImpactedRegions[].RegionName” & “properties.impactedServices[*].ServiceName”. The cmdlet does work fine when you want to deploy a service alot for all regions and all services.

ARM Template

Within this template , I will be including all three health events: Health Advisories, Planned Maintenace & Service Issues

This template has been created in a generic way, with parameters that will be passed in at run-time within PowerShell, including both regions and services that you want to be alerted on.

Also note, the resource is configured for incremental, this will allow you to redeploy this template with various changes to services and/or regions.

ServiceHealthAlert.json

{
  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
  "contentVersion": "1.0.0.0",
  "parameters": {
    "LogAlertName": {
      "type": "string"
    },
    "actionGroupResourceId": {
      "type": "string"
    },
    "ServiceHealthRegions": {
      "type": "array"
    },
    "ServiceHealthServices": {
      "type": "array"
    }
  },
  "resources": [
    {
      "type": "Microsoft.Insights/activityLogAlerts",
      "apiVersion": "2017-04-01",
      "name": "[parameters('activityLogAlertName')]",
      "location": "Global",
      "kind": null,
      "tags": {

      },
      "properties": {
        "mode": "Incremental",
        "enabled": true,
        "description": "",
        "scopes": [
          "[subscription().id]"
        ],
        "condition": {
          "allOf": [
            {
              "field": "category",
              "equals": "ServiceHealth",
              "containsAny": null
            },
            {
              "field": "properties.incidentType",
              "equals": "Informational",
              "containsAny": null
            },
            {
              "field": "properties.incidentType",
              "equals": "Maintenance",
              "containsAny": null
            },
            {
              "field": "properties.incidentType",
              "equals": "Incident",
              "containsAny": null
            },
            {
              "field": "properties.incidentType",
              "equals": "ActionRequired",
              "containsAny": null
            },
            {
              "field": "properties.incidentType",
              "equals": "Security",
              "containsAny": null
            },
            {
              "field": "properties.impactedServices[*].ImpactedRegions[*].RegionName",
              "equals": null,
              "containsAny": "[parameters('ServiceHealthRegions')]"
            },
            {
              "field": "properties.impactedServices[*].ServiceName",
              "equals": null,
              "containsAny": "[parameters('ServiceHealthServices')]"
            }

          ]
        },
        "actions": {
          "actionGroups": [
            {
              "actionGroupId": "[parameters('actionGroupResourceId')]",
              "webhookProperties": {

              }
            }
          ]
        }
      }
    }
  ]
}

PowerShell

Time to to look at the PowerShell to run this ARM template

Changes required:

  • $actiongroup – Name & ResourceGroup to name of your actiongroup & resource group location
  • $ServiceHealthRegions – Contains regions that you want to be alerted on when Azure Services are affected
  • $ServiceHealthServices – List of Azure Services you want to be alerted on when they are affected

ServiceHealthAlert.ps1

		$actiongroup = Get-AzActionGroup -Name "tamopsag" -ResourceGroup "tamops" -WarningAction Ignore
        
        $ServiceHealthRegions = @(
                            "North Europe",
                            "West Europe"
                            )
                            
		$ServiceHealthServices = @(
							"Action Groups",
							"Activity Logs & Alerts",
							"Alerts & Metrics",
							"Alerts",
							"Application Insights",
							"Azure Active Directory",
							"Azure Active Directory Domain Services"
							)


		$params = @{
			LogAlertName = "TamOps Azure Service Notification"
			ServiceHealthRegions = $ServiceHealthRegions
			ServiceHealthServices = $ServiceHealthServices
			actiongroupresourceid = $actiongroup.id
		}

		New-AzResourceGroupDeployment `
			-Name "Azure-Service-Notification" `
			-ResourceGroupName "tamops" `
			-TemplateFile "/home/thomas/clouddrive/ServiceHealthAlert.json" `
			-TemplateParameterObject $params

Successful run of the PowerShell Script above will output the below.

DeploymentName          : Azure-Service-Notification
ResourceGroupName       : tamops
ProvisioningState       : Succeeded
Timestamp               : 7/17/19 9:55:41 PM
Mode                    : Incremental
TemplateLink            :
Parameters              :
                          Name                     Type                       Value
                          =======================  =========================  ==========
                          activityLogAlertName     String                     TamOps Azure Service Notification
                          actionGroupResourceId    String                     /subscriptions/<subscriptionid&gt;/resourceGroups/tamops/providers/microsoft.insights/actionGroups/tamopsag
                          serviceHealthRegions     Array                      [
                            "North Europe",
                            "West Europe"
                          ]
                          serviceHealthServices    Array                      [
                            "Action Groups",
                            "Activity Logs &amp; Alerts",
                            "Alerts &amp; Metrics",
                            "Alerts",
                            "Application Insights",
                            "Azure Active Directory",
                            "Azure Active Directory Domain Services"
                          ]

Outputs                 :
DeploymentDebugLogLevel :

As mentioned previously with the ARM template being configured as “incremental”, if you need to apply updates to the above arrays – you can just run the script again and it will update.

Viewing the Service Alert in Azure Portal

Select Service Health icon

Select Health Alerts

You can now see the Service Health alert that was created above

One thought on “Creating Azure Service Health Alerts in PowerShell

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s