question

Crod-8019 avatar image
1 Vote"
Crod-8019 asked JabulaniMotloung commented

Monitor unused resources

other than the basic freebies in Azure = Advisor, and Security center that offer up recommendations. What tools can an admin use to properly monitor all resources and report on things that aren't being utilized. I would like to know of unused:
Public IPs
NICs
Disks
NSGs

I typically just stumble upon these things and have developers tell me that they haven't used vms, RGs or other resources for some time. Rather than Microsoft billing us all the time there has to be a better way to monitor these things that effectively aren't being used.

azure-monitor
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

SwathiDhanwada-MSFT avatar image
0 Votes"
SwathiDhanwada-MSFT answered JabulaniMotloung commented

@Crod-8019 Thanks for reaching out! To identify orphaned or unattached mentioned resources, there is no direct way to do. Here are some PowerShell scripts to get the list of unattached mentioned resources.


Below are the commands to install the ‘AZ’ modules in PowerShell:


 Install-Module -Name Az -AllowClobber -Force
 Find-Module -Name Az -Repository PSGallery | Install-Module -Verbose -Force
 set-executionpolicy unrestricted
 Import-Module -Name Az
 Get-InstalledModule -Name Az -AllVersions | select Name,Version



PowerShell commands to find unattached Azure managed disk:


 Connect-Azaccount
 Get-Azsubscription
 Select-Azsubscrciption -Subscription "Subscription Name"
 # Set deleteUnattachedDisks=1 if you want to delete unattached Managed Disks
 # Set deleteUnattachedDisks=0 if you want to see the Id of the unattached Managed Disks
 $deleteUnattachedDisks=0
 $managedDisks = Get-AzDisk
 foreach ($md in $managedDisks) {
     # ManagedBy property stores the Id of the VM to which Managed Disk is attached to
     # If ManagedBy property is $null then it means that the Managed Disk is not attached to a VM
     if($md.ManagedBy -eq $null){
         if($deleteUnattachedDisks -eq 1){
            Write-Host "Deleting unattached Managed Disk with Id: $($md.Id)"
             $md | Remove-AzDisk -Force
             Write-Host "Deleted unattached Managed Disk with Id: $($md.Id) "
         }else{
             $md.Id
         }
     }
 }


PowerShell commands to find unattached Azure unmanaged disk:


 Connect-Azaccount
 Get-Azsubscription
 Select-Azsubscrciption -Subscription "Subscription Name"
 # Set deleteUnattachedVHDs=1 if you want to delete unattached VHDs
 # Set deleteUnattachedVHDs=0 if you want to see the Uri of the unattached VHDs
 $deleteUnattachedVHDs=0
 $storageAccounts = Get-AzStorageAccount
 foreach($storageAccount in $storageAccounts){
     $storageKey = (Get-AzStorageAccountKey -ResourceGroupName $storageAccount.ResourceGroupName -Name $storageAccount.StorageAccountName)[0].Value
     $context = New-AzStorageContext -StorageAccountName $storageAccount.StorageAccountName -StorageAccountKey $storageKey
     $containers = Get-AzStorageContainer -Context $context
     foreach($container in $containers){
         $blobs = Get-AzStorageBlob -Container $container.Name -Context $context
         #Fetch all the Page blobs with extension .vhd as only Page blobs can be attached as disk to Azure VMs
         $blobs | Where-Object {$_.BlobType -eq 'PageBlob' -and $_.Name.EndsWith('.vhd')} | ForEach-Object {
             #If a Page blob is not attached as disk then LeaseStatus will be unlocked
             if($_.ICloudBlob.Properties.LeaseStatus -eq 'Unlocked'){
                     if($deleteUnattachedVHDs -eq 1){
                         Write-Host "Deleting unattached VHD with Uri: $($_.ICloudBlob.Uri.AbsoluteUri)"
                         $_ | Remove-AzStorageBlob -Force
                         Write-Host "Deleted unattached VHD with Uri: $($_.ICloudBlob.Uri.AbsoluteUri)"
                     }
                    else{
                         $_.ICloudBlob.Uri.AbsoluteUri
                     }
             }
         }
     }
 }


PowerShell commands to find unattached Azure NIC cards:


 Connect-Azaccount
 Get-Azsubscription
 Select-Azsubscrciption -Subscription "Subscription Name"
 az network nic list --query '[?virtualMachine==`null`].[id]' -o tsv


To get the unattached Public Ip addresses, you can refer to this link.



Hope this helps!!



· 2
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

SwathiDhanwada-MSFT avatar image SwathiDhanwada-MSFT ·

@Crod-8019 Just following up to check if you need further assistance on this issue.

0 Votes 0 ·
JabulaniMotloung avatar image JabulaniMotloung SwathiDhanwada-MSFT ·

@SwathiDhanwada-MSFT

Hi,

Firstly thanks for the above scripts, really helpful.

I do have more or less the same question regarding carrying out assessments on resources.

Apart from Advisor and Security Center, what are other tools one can use to carry out assessments on the state of Azure resources in one's tenant?

0 Votes 0 ·