Azure Proactive Resiliency Library v2
Tools Glossary GitHub GitHub Issues Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage

virtualHubs

Summary

RecommendationImpactCategoryAutomation AvailableIn Azure Advisor
Migrate from Basic to Standard Virtual WANHighService Upgrade and RetirementNoNo
Monitor health for v-HubsMediumMonitoring and AlertingNoNo

Details

Migrate from Basic to Standard Virtual WAN

Impact:  High Category:  Service Upgrade and Retirement

APRL GUID:  f29e56a1-6a80-4295-a663-1cce0ea2b10a

Description:

Basic SKU is not recommended for critical workloads. Standard SKU provides important features Inter-hub and VNet-to-VNet transiting through the virtual hub, ExpressRoute, VPN and Point to Site Gateways, ability to deploy Azure Firewalls and NVAs.

Potential Benefits:

Full Mesh communication and resiliency
Learn More:
Upgrade a virtual WAN from Basic to Standard

ARG Query:

Click the Azure Resource Graph tab to view the query

// Azure Resource Graph Query
// Find all Virtual WANs with Basic SKU. This is done at the Virtual Hub Resource Provider

resources
| where type == "microsoft.network/virtualhubs"
| extend sku = tostring(properties.sku), virtualWanId = tostring(properties.virtualWan.id)
| where sku == "Basic"
| join (
    resources
    | where type == "microsoft.network/virtualwans"
    | project id, name, tags
) on $left.virtualWanId == $right.id
| project recommendationId = "f29e56a1-6a80-4295-a663-1cce0ea2b10a", name, id, tags, param1=strcat("SKU: ", sku)

Monitor health for v-Hubs

Impact:  Medium Category:  Monitoring and Alerting

APRL GUID:  30ec8a5e-46de-4323-87e9-a7c56b72813b

Description:

Set up monitoring and alerts for v-Hubs. Create alert rule for ensuring promptly response to changes in BGP status and Data processed by v-Hubs.

Potential Benefits:

Detection and mitigation to avoid disruptions.
Learn More:
Virtual WAN Monitoring Best Practices

ARG Query:

Click the Azure Resource Graph tab to view the query

// Azure Resource Graph Query
// Find what virtual Hubs do not have Monitoring Enabled.

resources
| where type =~ "Microsoft.Network/virtualHubs"
| where ['kind'] != 'RouteServer'
| extend hubId = tolower(tostring(id)), hubName = name, hubTags = tags, hubLocation = location, vwanId = tolower(tostring(properties.virtualWan.id))
| join kind=leftouter (
    resources
    | where type =~ "microsoft.insights/metricalerts"
    | mv-expand scope = properties.scopes
    | where scope has "Microsoft.Network/virtualHubs"
    | where ['kind'] != 'RouteServer'
    | extend scope = tolower(tostring(scope))
    | project scope
) on $left.hubId == $right.scope
| where strlen(scope) == 0
| join kind=leftouter (
    resources
    | where type =~ "Microsoft.Network/virtualWans"
    | extend vwanId = tolower(tostring(id)), vwanName = name
    | project vwanId, vwanName
) on $left.vwanId == $right.vwanId
| project recommendationId = "30ec8a5e-46de-4323-87e9-a7c56b72813b", name, id, tags, param1=strcat("vWAN Name : ",vwanName)