The azure-native:alertsmanagement:AlertProcessingRuleByName resource, part of the Pulumi Azure Native provider, defines alert processing rules that route alerts to action groups or suppress notifications based on conditions and schedules. This guide focuses on three capabilities: action group routing, severity-based filtering, and scheduled suppression windows.
Alert processing rules reference existing action groups, subscriptions, resource groups, and monitored resources. The examples are intentionally small. Combine them with your own monitoring infrastructure and notification channels.
Route all alerts to an action group
Teams often start by ensuring all alerts in a subscription trigger notifications through a central action group, establishing baseline visibility.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const alertProcessingRuleByName = new azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName", {
alertProcessingRuleName: "AddActionGroupToSubscription",
location: "Global",
properties: {
actions: [{
actionGroupIds: ["/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/ActionGroup1"],
actionType: "AddActionGroups",
}],
description: "Add ActionGroup1 to all alerts in the subscription",
enabled: true,
scopes: ["/subscriptions/subId1"],
},
resourceGroupName: "alertscorrelationrg",
tags: {},
});
import pulumi
import pulumi_azure_native as azure_native
alert_processing_rule_by_name = azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName",
alert_processing_rule_name="AddActionGroupToSubscription",
location="Global",
properties={
"actions": [{
"action_group_ids": ["/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/ActionGroup1"],
"action_type": "AddActionGroups",
}],
"description": "Add ActionGroup1 to all alerts in the subscription",
"enabled": True,
"scopes": ["/subscriptions/subId1"],
},
resource_group_name="alertscorrelationrg",
tags={})
package main
import (
alertsmanagement "github.com/pulumi/pulumi-azure-native-sdk/alertsmanagement/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := alertsmanagement.NewAlertProcessingRuleByName(ctx, "alertProcessingRuleByName", &alertsmanagement.AlertProcessingRuleByNameArgs{
AlertProcessingRuleName: pulumi.String("AddActionGroupToSubscription"),
Location: pulumi.String("Global"),
Properties: &alertsmanagement.AlertProcessingRulePropertiesArgs{
Actions: pulumi.Array{
alertsmanagement.AddActionGroups{
ActionGroupIds: []string{
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/ActionGroup1",
},
ActionType: "AddActionGroups",
},
},
Description: pulumi.String("Add ActionGroup1 to all alerts in the subscription"),
Enabled: pulumi.Bool(true),
Scopes: pulumi.StringArray{
pulumi.String("/subscriptions/subId1"),
},
},
ResourceGroupName: pulumi.String("alertscorrelationrg"),
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var alertProcessingRuleByName = new AzureNative.AlertsManagement.AlertProcessingRuleByName("alertProcessingRuleByName", new()
{
AlertProcessingRuleName = "AddActionGroupToSubscription",
Location = "Global",
Properties = new AzureNative.AlertsManagement.Inputs.AlertProcessingRulePropertiesArgs
{
Actions = new[]
{
new AzureNative.AlertsManagement.Inputs.AddActionGroupsArgs
{
ActionGroupIds = new[]
{
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/ActionGroup1",
},
ActionType = "AddActionGroups",
},
},
Description = "Add ActionGroup1 to all alerts in the subscription",
Enabled = true,
Scopes = new[]
{
"/subscriptions/subId1",
},
},
ResourceGroupName = "alertscorrelationrg",
Tags = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByName;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByNameArgs;
import com.pulumi.azurenative.alertsmanagement.inputs.AlertProcessingRulePropertiesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var alertProcessingRuleByName = new AlertProcessingRuleByName("alertProcessingRuleByName", AlertProcessingRuleByNameArgs.builder()
.alertProcessingRuleName("AddActionGroupToSubscription")
.location("Global")
.properties(AlertProcessingRulePropertiesArgs.builder()
.actions(AddActionGroupsArgs.builder()
.actionGroupIds("/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/ActionGroup1")
.actionType("AddActionGroups")
.build())
.description("Add ActionGroup1 to all alerts in the subscription")
.enabled(true)
.scopes("/subscriptions/subId1")
.build())
.resourceGroupName("alertscorrelationrg")
.tags(Map.ofEntries(
))
.build());
}
}
resources:
alertProcessingRuleByName:
type: azure-native:alertsmanagement:AlertProcessingRuleByName
properties:
alertProcessingRuleName: AddActionGroupToSubscription
location: Global
properties:
actions:
- actionGroupIds:
- /subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/ActionGroup1
actionType: AddActionGroups
description: Add ActionGroup1 to all alerts in the subscription
enabled: true
scopes:
- /subscriptions/subId1
resourceGroupName: alertscorrelationrg
tags: {}
When an alert fires anywhere in the subscription, Azure evaluates this rule and adds the specified action group to the alert’s notification list. The actions array defines what happens (AddActionGroups adds notification channels), actionGroupIds lists the target action groups, and scopes determines which alerts the rule applies to. Setting enabled to true activates the rule immediately.
Filter alerts by severity and scope
Production environments often need different notification channels for critical alerts, routing high-severity incidents to multiple teams while filtering out lower-priority noise.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const alertProcessingRuleByName = new azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName", {
alertProcessingRuleName: "AddActionGroupsBySeverity",
location: "Global",
properties: {
actions: [{
actionGroupIds: [
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId1",
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId2",
],
actionType: "AddActionGroups",
}],
conditions: [{
field: azure_native.alertsmanagement.Field.Severity,
operator: azure_native.alertsmanagement.Operator.Equals,
values: [
"sev0",
"sev1",
],
}],
description: "Add AGId1 and AGId2 to all Sev0 and Sev1 alerts in these resourceGroups",
enabled: true,
scopes: [
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2",
],
},
resourceGroupName: "alertscorrelationrg",
tags: {},
});
import pulumi
import pulumi_azure_native as azure_native
alert_processing_rule_by_name = azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName",
alert_processing_rule_name="AddActionGroupsBySeverity",
location="Global",
properties={
"actions": [{
"action_group_ids": [
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId1",
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId2",
],
"action_type": "AddActionGroups",
}],
"conditions": [{
"field": azure_native.alertsmanagement.Field.SEVERITY,
"operator": azure_native.alertsmanagement.Operator.EQUALS,
"values": [
"sev0",
"sev1",
],
}],
"description": "Add AGId1 and AGId2 to all Sev0 and Sev1 alerts in these resourceGroups",
"enabled": True,
"scopes": [
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2",
],
},
resource_group_name="alertscorrelationrg",
tags={})
package main
import (
alertsmanagement "github.com/pulumi/pulumi-azure-native-sdk/alertsmanagement/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := alertsmanagement.NewAlertProcessingRuleByName(ctx, "alertProcessingRuleByName", &alertsmanagement.AlertProcessingRuleByNameArgs{
AlertProcessingRuleName: pulumi.String("AddActionGroupsBySeverity"),
Location: pulumi.String("Global"),
Properties: &alertsmanagement.AlertProcessingRulePropertiesArgs{
Actions: pulumi.Array{
alertsmanagement.AddActionGroups{
ActionGroupIds: []string{
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId1",
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId2",
},
ActionType: "AddActionGroups",
},
},
Conditions: alertsmanagement.ConditionArray{
&alertsmanagement.ConditionArgs{
Field: pulumi.String(alertsmanagement.FieldSeverity),
Operator: pulumi.String(alertsmanagement.OperatorEquals),
Values: pulumi.StringArray{
pulumi.String("sev0"),
pulumi.String("sev1"),
},
},
},
Description: pulumi.String("Add AGId1 and AGId2 to all Sev0 and Sev1 alerts in these resourceGroups"),
Enabled: pulumi.Bool(true),
Scopes: pulumi.StringArray{
pulumi.String("/subscriptions/subId1/resourceGroups/RGId1"),
pulumi.String("/subscriptions/subId1/resourceGroups/RGId2"),
},
},
ResourceGroupName: pulumi.String("alertscorrelationrg"),
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var alertProcessingRuleByName = new AzureNative.AlertsManagement.AlertProcessingRuleByName("alertProcessingRuleByName", new()
{
AlertProcessingRuleName = "AddActionGroupsBySeverity",
Location = "Global",
Properties = new AzureNative.AlertsManagement.Inputs.AlertProcessingRulePropertiesArgs
{
Actions = new[]
{
new AzureNative.AlertsManagement.Inputs.AddActionGroupsArgs
{
ActionGroupIds = new[]
{
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId1",
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId2",
},
ActionType = "AddActionGroups",
},
},
Conditions = new[]
{
new AzureNative.AlertsManagement.Inputs.ConditionArgs
{
Field = AzureNative.AlertsManagement.Field.Severity,
Operator = AzureNative.AlertsManagement.Operator.EqualsValue,
Values = new[]
{
"sev0",
"sev1",
},
},
},
Description = "Add AGId1 and AGId2 to all Sev0 and Sev1 alerts in these resourceGroups",
Enabled = true,
Scopes = new[]
{
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2",
},
},
ResourceGroupName = "alertscorrelationrg",
Tags = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByName;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByNameArgs;
import com.pulumi.azurenative.alertsmanagement.inputs.AlertProcessingRulePropertiesArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var alertProcessingRuleByName = new AlertProcessingRuleByName("alertProcessingRuleByName", AlertProcessingRuleByNameArgs.builder()
.alertProcessingRuleName("AddActionGroupsBySeverity")
.location("Global")
.properties(AlertProcessingRulePropertiesArgs.builder()
.actions(AddActionGroupsArgs.builder()
.actionGroupIds(
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId1",
"/subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId2")
.actionType("AddActionGroups")
.build())
.conditions(ConditionArgs.builder()
.field("Severity")
.operator("Equals")
.values(
"sev0",
"sev1")
.build())
.description("Add AGId1 and AGId2 to all Sev0 and Sev1 alerts in these resourceGroups")
.enabled(true)
.scopes(
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2")
.build())
.resourceGroupName("alertscorrelationrg")
.tags(Map.ofEntries(
))
.build());
}
}
resources:
alertProcessingRuleByName:
type: azure-native:alertsmanagement:AlertProcessingRuleByName
properties:
alertProcessingRuleName: AddActionGroupsBySeverity
location: Global
properties:
actions:
- actionGroupIds:
- /subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId1
- /subscriptions/subId1/resourcegroups/RGId1/providers/microsoft.insights/actiongroups/AGId2
actionType: AddActionGroups
conditions:
- field: Severity
operator: Equals
values:
- sev0
- sev1
description: Add AGId1 and AGId2 to all Sev0 and Sev1 alerts in these resourceGroups
enabled: true
scopes:
- /subscriptions/subId1/resourceGroups/RGId1
- /subscriptions/subId1/resourceGroups/RGId2
resourceGroupName: alertscorrelationrg
tags: {}
The conditions array filters which alerts trigger the rule. Here, the field property targets alert severity, the operator checks for equality, and values lists the severities to match (sev0 and sev1). Only alerts matching these conditions in the specified resource groups will route to both action groups. This extends basic routing by adding conditional logic.
Suppress notifications during scheduled maintenance
Planned maintenance windows generate expected alerts that teams don’t need to act on. Suppression rules prevent notification fatigue by silencing alerts during known downtime.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const alertProcessingRuleByName = new azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName", {
alertProcessingRuleName: "RemoveActionGroupsMaintenanceWindow",
location: "Global",
properties: {
actions: [{
actionType: "RemoveAllActionGroups",
}],
description: "Removes all ActionGroups from all Alerts on VMName during the maintenance window",
enabled: true,
schedule: {
effectiveFrom: "2021-04-15T18:00:00",
effectiveUntil: "2021-04-15T20:00:00",
timeZone: "Pacific Standard Time",
},
scopes: ["/subscriptions/subId1/resourceGroups/RGId1/providers/Microsoft.Compute/virtualMachines/VMName"],
},
resourceGroupName: "alertscorrelationrg",
tags: {},
});
import pulumi
import pulumi_azure_native as azure_native
alert_processing_rule_by_name = azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName",
alert_processing_rule_name="RemoveActionGroupsMaintenanceWindow",
location="Global",
properties={
"actions": [{
"action_type": "RemoveAllActionGroups",
}],
"description": "Removes all ActionGroups from all Alerts on VMName during the maintenance window",
"enabled": True,
"schedule": {
"effective_from": "2021-04-15T18:00:00",
"effective_until": "2021-04-15T20:00:00",
"time_zone": "Pacific Standard Time",
},
"scopes": ["/subscriptions/subId1/resourceGroups/RGId1/providers/Microsoft.Compute/virtualMachines/VMName"],
},
resource_group_name="alertscorrelationrg",
tags={})
package main
import (
alertsmanagement "github.com/pulumi/pulumi-azure-native-sdk/alertsmanagement/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := alertsmanagement.NewAlertProcessingRuleByName(ctx, "alertProcessingRuleByName", &alertsmanagement.AlertProcessingRuleByNameArgs{
AlertProcessingRuleName: pulumi.String("RemoveActionGroupsMaintenanceWindow"),
Location: pulumi.String("Global"),
Properties: &alertsmanagement.AlertProcessingRulePropertiesArgs{
Actions: pulumi.Array{
alertsmanagement.RemoveAllActionGroups{
ActionType: "RemoveAllActionGroups",
},
},
Description: pulumi.String("Removes all ActionGroups from all Alerts on VMName during the maintenance window"),
Enabled: pulumi.Bool(true),
Schedule: &alertsmanagement.ScheduleArgs{
EffectiveFrom: pulumi.String("2021-04-15T18:00:00"),
EffectiveUntil: pulumi.String("2021-04-15T20:00:00"),
TimeZone: pulumi.String("Pacific Standard Time"),
},
Scopes: pulumi.StringArray{
pulumi.String("/subscriptions/subId1/resourceGroups/RGId1/providers/Microsoft.Compute/virtualMachines/VMName"),
},
},
ResourceGroupName: pulumi.String("alertscorrelationrg"),
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var alertProcessingRuleByName = new AzureNative.AlertsManagement.AlertProcessingRuleByName("alertProcessingRuleByName", new()
{
AlertProcessingRuleName = "RemoveActionGroupsMaintenanceWindow",
Location = "Global",
Properties = new AzureNative.AlertsManagement.Inputs.AlertProcessingRulePropertiesArgs
{
Actions = new[]
{
new AzureNative.AlertsManagement.Inputs.RemoveAllActionGroupsArgs
{
ActionType = "RemoveAllActionGroups",
},
},
Description = "Removes all ActionGroups from all Alerts on VMName during the maintenance window",
Enabled = true,
Schedule = new AzureNative.AlertsManagement.Inputs.ScheduleArgs
{
EffectiveFrom = "2021-04-15T18:00:00",
EffectiveUntil = "2021-04-15T20:00:00",
TimeZone = "Pacific Standard Time",
},
Scopes = new[]
{
"/subscriptions/subId1/resourceGroups/RGId1/providers/Microsoft.Compute/virtualMachines/VMName",
},
},
ResourceGroupName = "alertscorrelationrg",
Tags = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByName;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByNameArgs;
import com.pulumi.azurenative.alertsmanagement.inputs.AlertProcessingRulePropertiesArgs;
import com.pulumi.azurenative.alertsmanagement.inputs.ScheduleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var alertProcessingRuleByName = new AlertProcessingRuleByName("alertProcessingRuleByName", AlertProcessingRuleByNameArgs.builder()
.alertProcessingRuleName("RemoveActionGroupsMaintenanceWindow")
.location("Global")
.properties(AlertProcessingRulePropertiesArgs.builder()
.actions(RemoveAllActionGroupsArgs.builder()
.actionType("RemoveAllActionGroups")
.build())
.description("Removes all ActionGroups from all Alerts on VMName during the maintenance window")
.enabled(true)
.schedule(ScheduleArgs.builder()
.effectiveFrom("2021-04-15T18:00:00")
.effectiveUntil("2021-04-15T20:00:00")
.timeZone("Pacific Standard Time")
.build())
.scopes("/subscriptions/subId1/resourceGroups/RGId1/providers/Microsoft.Compute/virtualMachines/VMName")
.build())
.resourceGroupName("alertscorrelationrg")
.tags(Map.ofEntries(
))
.build());
}
}
resources:
alertProcessingRuleByName:
type: azure-native:alertsmanagement:AlertProcessingRuleByName
properties:
alertProcessingRuleName: RemoveActionGroupsMaintenanceWindow
location: Global
properties:
actions:
- actionType: RemoveAllActionGroups
description: Removes all ActionGroups from all Alerts on VMName during the maintenance window
enabled: true
schedule:
effectiveFrom: 2021-04-15T18:00:00
effectiveUntil: 2021-04-15T20:00:00
timeZone: Pacific Standard Time
scopes:
- /subscriptions/subId1/resourceGroups/RGId1/providers/Microsoft.Compute/virtualMachines/VMName
resourceGroupName: alertscorrelationrg
tags: {}
The RemoveAllActionGroups action type strips all notification channels from matching alerts. The schedule property defines when suppression is active: effectiveFrom and effectiveUntil set the start and end times, and timeZone ensures the window aligns with your local time. This creates a one-time suppression window for a specific VM.
Suppress VM alerts on a recurring schedule
Regular maintenance windows (weekend patching, backup jobs) benefit from recurring suppression rules that automatically silence expected alerts without manual intervention.
import * as pulumi from "@pulumi/pulumi";
import * as azure_native from "@pulumi/azure-native";
const alertProcessingRuleByName = new azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName", {
alertProcessingRuleName: "RemoveActionGroupsRecurringMaintenance",
location: "Global",
properties: {
actions: [{
actionType: "RemoveAllActionGroups",
}],
conditions: [{
field: azure_native.alertsmanagement.Field.TargetResourceType,
operator: azure_native.alertsmanagement.Operator.Equals,
values: ["microsoft.compute/virtualmachines"],
}],
description: "Remove all ActionGroups from all Vitual machine Alerts during the recurring maintenance",
enabled: true,
schedule: {
recurrences: [{
daysOfWeek: [
azure_native.alertsmanagement.DaysOfWeek.Saturday,
azure_native.alertsmanagement.DaysOfWeek.Sunday,
],
endTime: "04:00:00",
recurrenceType: "Weekly",
startTime: "22:00:00",
}],
timeZone: "India Standard Time",
},
scopes: [
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2",
],
},
resourceGroupName: "alertscorrelationrg",
tags: {},
});
import pulumi
import pulumi_azure_native as azure_native
alert_processing_rule_by_name = azure_native.alertsmanagement.AlertProcessingRuleByName("alertProcessingRuleByName",
alert_processing_rule_name="RemoveActionGroupsRecurringMaintenance",
location="Global",
properties={
"actions": [{
"action_type": "RemoveAllActionGroups",
}],
"conditions": [{
"field": azure_native.alertsmanagement.Field.TARGET_RESOURCE_TYPE,
"operator": azure_native.alertsmanagement.Operator.EQUALS,
"values": ["microsoft.compute/virtualmachines"],
}],
"description": "Remove all ActionGroups from all Vitual machine Alerts during the recurring maintenance",
"enabled": True,
"schedule": {
"recurrences": [{
"days_of_week": [
azure_native.alertsmanagement.DaysOfWeek.SATURDAY,
azure_native.alertsmanagement.DaysOfWeek.SUNDAY,
],
"end_time": "04:00:00",
"recurrence_type": "Weekly",
"start_time": "22:00:00",
}],
"time_zone": "India Standard Time",
},
"scopes": [
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2",
],
},
resource_group_name="alertscorrelationrg",
tags={})
package main
import (
alertsmanagement "github.com/pulumi/pulumi-azure-native-sdk/alertsmanagement/v3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := alertsmanagement.NewAlertProcessingRuleByName(ctx, "alertProcessingRuleByName", &alertsmanagement.AlertProcessingRuleByNameArgs{
AlertProcessingRuleName: pulumi.String("RemoveActionGroupsRecurringMaintenance"),
Location: pulumi.String("Global"),
Properties: &alertsmanagement.AlertProcessingRulePropertiesArgs{
Actions: pulumi.Array{
alertsmanagement.RemoveAllActionGroups{
ActionType: "RemoveAllActionGroups",
},
},
Conditions: alertsmanagement.ConditionArray{
&alertsmanagement.ConditionArgs{
Field: pulumi.String(alertsmanagement.FieldTargetResourceType),
Operator: pulumi.String(alertsmanagement.OperatorEquals),
Values: pulumi.StringArray{
pulumi.String("microsoft.compute/virtualmachines"),
},
},
},
Description: pulumi.String("Remove all ActionGroups from all Vitual machine Alerts during the recurring maintenance"),
Enabled: pulumi.Bool(true),
Schedule: &alertsmanagement.ScheduleArgs{
Recurrences: pulumi.Array{
alertsmanagement.WeeklyRecurrence{
DaysOfWeek: []alertsmanagement.DaysOfWeek{
alertsmanagement.DaysOfWeekSaturday,
alertsmanagement.DaysOfWeekSunday,
},
EndTime: "04:00:00",
RecurrenceType: "Weekly",
StartTime: "22:00:00",
},
},
TimeZone: pulumi.String("India Standard Time"),
},
Scopes: pulumi.StringArray{
pulumi.String("/subscriptions/subId1/resourceGroups/RGId1"),
pulumi.String("/subscriptions/subId1/resourceGroups/RGId2"),
},
},
ResourceGroupName: pulumi.String("alertscorrelationrg"),
Tags: pulumi.StringMap{},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
var alertProcessingRuleByName = new AzureNative.AlertsManagement.AlertProcessingRuleByName("alertProcessingRuleByName", new()
{
AlertProcessingRuleName = "RemoveActionGroupsRecurringMaintenance",
Location = "Global",
Properties = new AzureNative.AlertsManagement.Inputs.AlertProcessingRulePropertiesArgs
{
Actions = new[]
{
new AzureNative.AlertsManagement.Inputs.RemoveAllActionGroupsArgs
{
ActionType = "RemoveAllActionGroups",
},
},
Conditions = new[]
{
new AzureNative.AlertsManagement.Inputs.ConditionArgs
{
Field = AzureNative.AlertsManagement.Field.TargetResourceType,
Operator = AzureNative.AlertsManagement.Operator.EqualsValue,
Values = new[]
{
"microsoft.compute/virtualmachines",
},
},
},
Description = "Remove all ActionGroups from all Vitual machine Alerts during the recurring maintenance",
Enabled = true,
Schedule = new AzureNative.AlertsManagement.Inputs.ScheduleArgs
{
Recurrences = new[]
{
new AzureNative.AlertsManagement.Inputs.WeeklyRecurrenceArgs
{
DaysOfWeek = new[]
{
AzureNative.AlertsManagement.DaysOfWeek.Saturday,
AzureNative.AlertsManagement.DaysOfWeek.Sunday,
},
EndTime = "04:00:00",
RecurrenceType = "Weekly",
StartTime = "22:00:00",
},
},
TimeZone = "India Standard Time",
},
Scopes = new[]
{
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2",
},
},
ResourceGroupName = "alertscorrelationrg",
Tags = null,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByName;
import com.pulumi.azurenative.alertsmanagement.AlertProcessingRuleByNameArgs;
import com.pulumi.azurenative.alertsmanagement.inputs.AlertProcessingRulePropertiesArgs;
import com.pulumi.azurenative.alertsmanagement.inputs.ScheduleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var alertProcessingRuleByName = new AlertProcessingRuleByName("alertProcessingRuleByName", AlertProcessingRuleByNameArgs.builder()
.alertProcessingRuleName("RemoveActionGroupsRecurringMaintenance")
.location("Global")
.properties(AlertProcessingRulePropertiesArgs.builder()
.actions(RemoveAllActionGroupsArgs.builder()
.actionType("RemoveAllActionGroups")
.build())
.conditions(ConditionArgs.builder()
.field("TargetResourceType")
.operator("Equals")
.values("microsoft.compute/virtualmachines")
.build())
.description("Remove all ActionGroups from all Vitual machine Alerts during the recurring maintenance")
.enabled(true)
.schedule(ScheduleArgs.builder()
.recurrences(WeeklyRecurrenceArgs.builder()
.daysOfWeek(
"Saturday",
"Sunday")
.endTime("04:00:00")
.recurrenceType("Weekly")
.startTime("22:00:00")
.build())
.timeZone("India Standard Time")
.build())
.scopes(
"/subscriptions/subId1/resourceGroups/RGId1",
"/subscriptions/subId1/resourceGroups/RGId2")
.build())
.resourceGroupName("alertscorrelationrg")
.tags(Map.ofEntries(
))
.build());
}
}
resources:
alertProcessingRuleByName:
type: azure-native:alertsmanagement:AlertProcessingRuleByName
properties:
alertProcessingRuleName: RemoveActionGroupsRecurringMaintenance
location: Global
properties:
actions:
- actionType: RemoveAllActionGroups
conditions:
- field: TargetResourceType
operator: Equals
values:
- microsoft.compute/virtualmachines
description: Remove all ActionGroups from all Vitual machine Alerts during the recurring maintenance
enabled: true
schedule:
recurrences:
- daysOfWeek:
- Saturday
- Sunday
endTime: 04:00:00
recurrenceType: Weekly
startTime: 22:00:00
timeZone: India Standard Time
scopes:
- /subscriptions/subId1/resourceGroups/RGId1
- /subscriptions/subId1/resourceGroups/RGId2
resourceGroupName: alertscorrelationrg
tags: {}
The recurrences array defines repeating patterns. WeeklyRecurrence specifies which days (daysOfWeek) and times (startTime, endTime) to suppress alerts. The conditions array filters by resource type (microsoft.compute/virtualmachines), ensuring only VM alerts are suppressed. This extends one-time suppression with recurring schedules that repeat automatically.
Beyond these examples
These snippets focus on specific alert processing rule features: action group routing and suppression, severity and resource-type filtering, and one-time and recurring maintenance windows. They’re intentionally minimal rather than full alert management solutions.
The examples reference pre-existing infrastructure such as action groups for notifications, and subscriptions, resource groups, and monitored resources. They focus on configuring alert processing rules rather than provisioning the underlying monitoring infrastructure.
To keep things focused, common alert processing patterns are omitted, including:
- Alert rule ID filtering (field: AlertRuleId)
- Monitor service filtering (field: MonitorService)
- Daily recurrence patterns without day-of-week constraints
- Multiple condition combinations (AND/OR logic)
These omissions are intentional: the goal is to illustrate how each alert processing feature is wired, not provide drop-in monitoring modules. See the AlertProcessingRuleByName resource reference for all available configuration options.
Let's configure Azure Alert Processing Rules
Get started with Pulumi Cloud, then follow our quick setup guide to deploy this infrastructure.
Try Pulumi Cloud for FREEFrequently Asked Questions
Actions & Rule Behavior
What action types can I use in alert processing rules?
You can use
AddActionGroups to add action groups to matching alerts, or RemoveAllActionGroups to suppress notifications by removing all action groups from matching alerts.What's the difference between adding and removing action groups?
AddActionGroups triggers additional notifications by adding action groups to alerts, while RemoveAllActionGroups suppresses notifications during maintenance windows or for specific alert types.Targeting & Filtering
What scope levels can I target with alert processing rules?
You can target entire subscriptions, specific resource groups, or individual resources. The
scopes property accepts an array of Azure resource IDs at any of these levels.How do I filter alerts by severity?
Use
conditions with field set to Severity, operator set to Equals, and values like ["sev0", "sev1"] to target specific severity levels.What condition fields can I use to filter alerts?
You can filter by
Severity (alert severity level), AlertRuleId (specific alert rule), or TargetResourceType (resource type like microsoft.compute/virtualmachines).Scheduling & Time Windows
How do I schedule rules for maintenance windows?
For one-off windows, use
schedule with effectiveFrom and effectiveUntil timestamps. For recurring windows, use schedule.recurrences with Daily or Weekly recurrence types. You can combine multiple recurrence patterns (like daily hours plus weekend days).What time zones are supported for scheduling?
You can specify any standard time zone name in the
schedule.timeZone property, such as Pacific Standard Time, India Standard Time, or Eastern Standard Time.Configuration Basics
What's required to create an alert processing rule?
You must specify
location (set to Global), properties.actions (the action to perform), and properties.scopes (where the rule applies). The conditions and schedule properties are optional.Why is location always set to Global?
Alert processing rules are global resources that apply across Azure regions. All examples in the schema use
location: "Global".What properties can't be changed after creating a rule?
The
location, alertProcessingRuleName, and resourceGroupName properties are immutable and cannot be modified after creation.