I need help with an Azure Clean Up project.

Remon Girgis 40 Reputation points
2023-11-25T19:54:39.2566667+00:00

I have been recently hired to manage a complex Azure environment consisting of thousands of resources across over 150 subscriptions.

As early adopters of Azure, our team did not have the benefit of current governance and compliance tools like the Cloud Adoption Framework (CAF). Over time, numerous resources, especially in Dev/Test environments, have been created and left undeleted, including orphaned disks from removed VMs. Furthermore, the lack of documentation due to high turnover in cloud engineers has compounded the challenge.

I need to clean up this environment efficiently without disrupting ongoing operations. Is there an Azure script or native tool available that can assist in systematically identifying and removing these unused or orphaned resources?

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
37,658 questions
0 comments No comments
{count} votes

Accepted answer
  1. Adam Zachary 2,886 Reputation points
    2023-11-25T20:16:29.4266667+00:00

    Hi Remon,

    To address the challenge of cleaning up a complex Azure environment with a large number of subscriptions and resources. You need to come up with a structured project plan:

    Here is what I would suggest if I were you, incorporating Azure PowerShell and CLI scripts for identifying and managing resources:

    Initial Assessment Phase (1 Month)

    • Monitor and assess the current state of the Azure environment to identify unused or orphaned resources.
    • Action Steps:
    • Use Azure Advisor to monitor resource utilization and identify underutilized resources.
    • Implement Azure Resource Graph queries using PowerShell to identify orphaned volumes (e.g., Get-AzOrphanedVolumes.ps1).
    • Use Azure CLI or PowerShell with Azure Activity Logs to identify resources not used in the last 15 days​​​​​​​​​​.

    Marking Phase (Following Assessment)

    • Mark resources identified as unused or orphaned for deletion.
    • Action Steps:
    • Create a report of all identified resources using PowerShell or CLI scripts.
    • Mark these resources with a specific tag (e.g., "MarkedForDeletion") for easier tracking and future reference.
    • Communicate with respective teams or departments to verify if the marked resources are indeed not in use.

    Deletion Phase (Post-Verification)

    • Safely remove unused or orphaned resources to optimize the Azure environment.
    • Action Steps:
      • Implement a script to delete resources marked for deletion. Ensure to take necessary backups if needed.
        • Regularly monitor the deletion process to ensure no operational disruptions occur.

    Documentation and Process Improvement

    • Establish a sustainable governance model to prevent similar issues in the future.
    • Action Steps:
    • Document the entire cleanup process, including scripts used, resources deleted, and lessons learned.
    • Recommend the implementation of tagging for all new resources. Specifically, use an "App Owner" or "Resource Owner" tag to easily identify the responsible party for each resource.
    • Encourage continuous monitoring and regular audits to maintain a clean and efficient Azure environment.

    Future Recommendations: For better management of your Azure resources in the future, I would recommend

    • Mandatory Tags for All Resources:
      • Application Name Tag: For easy identification of which application each resource is associated with.
        • Application Owner Tag: To identify the primary individual responsible for the resource, aiding in accountability and contact purposes.
          • Application Team Tag: For identifying the team managing the resource, useful in case of the application owner's unavailability or change.
    • Azure Policy Enforcement: To ensure all resources are compliant with the tagging strategy, enhancing overall governance.
    • Automated Tagging with Azure Automation: To streamline the tagging process during resource provisioning, ensuring consistency and efficiency.
    • Routine Reporting and Auditing Based on Tags: For ongoing compliance checks and to understand resource utilization better, aiding in effective resource management and decision-making.

    Kindly if you find the provided information helpful and it resolves your query, please consider accepting the answer. Your feedback is valuable and helps ensure the quality and relevance of the responses.

    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful