Posted in : Azure By Tobias Vuorenmaa Translate with Google ⟶

2 years ago

We all know how easy it is to create resources in Azure, and quite fast we will have multiple resources just because we created a single VM.

Resources like managed disks, NIC:s, Availability sets and to mention a few.
All these can be created by just spinning up a virtual machine in the Azure portal.

But will they all be removed when deleting the VM? The answer is it depends!
It depends on how you delete the VM and belonging resources, and if you chose to delete the resource group as well as you initially created the VM in.

Imagine this in a big environment across hundreds of subscriptions, we will end up with orphaned resources after some time.

Lucky for us we have Azure Resource Graph to make the hunt easy.

The search will look different based on the attribute we are looking for to determine if it’s in use or not, Availability sets use an empty array for its properties, Disks will be unattached and NIC:s will be missing the property VirtualMachine.

Let’s start with managed disks that are currently not attached to a VM.

Unattached Managed disks

resources
| where type =~ ’Microsoft.Compute/disks’
| where properties.diskState == ”Unattached”
| project name, resourceGroup, subscriptionId, tenantId, properties.diskState

Managed disks are one of those resources that will always cause Azure Consumption to tick, therefore it’s always good to have control and make sure unused disks are removed.
Note, just because a disk is unattached doesn’t mean it’s not in use for other purposes, make sure to double-check this before cleaning up 🙂

Empty Availability sets

Even though that availability set comes with no extra cost in Azure, we want to keep our houses clean.
In this example, we look for an empty value of properties.virtualMachines.

resources
| where type =~ ’Microsoft.Compute/availabilitysets’
| where properties.virtualMachines == ”[]”
| project name, resourceGroup, subscriptionId, tenantId, properties.virtualMachines

NIC:s that are not connected to a VM

Last but not least, NIC:s. They will just as availability sets not be top of the bill if not in use. But neither the less we want to remove unutilized resources if possible.

resources
| where type == ”microsoft.network/networkinterfaces”
| extend vm = properties.virtualMachine
| where isnull(vm.id)
| project name, resourceGroup, subscriptionId, tenantId, vm.id

Make sure to save your queries in the Azure Resource Graph Explorer if you keep using them from time to time.

Hope this might help to find these orphaned resources across all your subscriptions, happy cleaning!

All examples will be published here https://github.com/tvuorenmaa89/AzureResourceGraph

 

Tags : Azure, Azure Governance, Azure Resource Graph

Personlig rådgivning

Vi erbjuder personlig rådgivning med författaren för 1400 SEK per timme. Anmäl ditt intresse i här så återkommer vi så snart vi kan.

Add comment

Your comment will be revised by the site if needed.