Azure PowerShell Script for Deleting Unused or Orphaned Azure Resources

Overview

Managing unused or orphaned resources in Azure can significantly impact cloud spending and operational efficiency. The Azure Resource Cleanup tool is a comprehensive PowerShell script designed to help cloud administrators identify and delete unused or orphaned Azure resources, ensuring cost optimization and improved resource management.

This script operates in a safe, non-destructive reporting mode by default, allowing administrators to review orphaned resources before initiating cleanup operations.

You can access the project on GitHub: AzureOpsScripts – Resource Cleanup.



Key Features

The Azure Resource Cleanup script provides the following functionalities:

  • Orphaned NICs: Identifies network interfaces not attached to any VM or endpoint.
  • Old Azure Disk Snapshots: Detects snapshots exceeding your retention period.
  • Storage Account Blob Snapshots: Flags blob snapshots older than the defined retention period.
  • File Share Snapshots: Identifies file share snapshots beyond retention limits.
  • Orphaned Managed Disks: Finds disks not attached to any VM.
  • Orphaned Public IPs: Locates unused public IP addresses.
  • Unused Network Security Groups: Identifies NSGs not associated with any resources.
  • Unused Availability Sets: Detects availability sets no longer in use.
  • Empty Resource Groups: Flags resource groups with no active resources.
  • Unused Virtual Networks: Highlights potentially unused virtual networks (highlighted only; the script won’t delete them).
  • Reserved but Unused IP Addresses: Identifies IP addresses reserved but not actively assigned.
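
How several of the checks above can be expressed with Az cmdlets, as an added example that is not the project's own code. It is read-only, covers only five of the categories, and assumes an authenticated Az session; the category labels are made up for the illustration.

```powershell
# Added example, not the project's code. Read-only: lists candidates, deletes nothing.
# Assumes the Az module is installed and Connect-AzAccount has already been run.
param(
    [int]$SnapshotRetentionDays = 3   # default taken from the page's parameter table
)

$cutoff   = (Get-Date).ToUniversalTime().AddDays(-$SnapshotRetentionDays)
$findings = @()

# NICs attached to neither a VM nor a private endpoint
$findings += @(Get-AzNetworkInterface |
    Where-Object { -not $_.VirtualMachine -and -not $_.PrivateEndpoint } |
    Select-Object @{n='Category';e={'OrphanedNic'}}, Name, ResourceGroupName)

# Managed disks with no owning VM (ManagedByExtended covers shared disks)
$findings += @(Get-AzDisk |
    Where-Object { -not $_.ManagedBy -and -not $_.ManagedByExtended } |
    Select-Object @{n='Category';e={'OrphanedDisk'}}, Name, ResourceGroupName)

# Public IPs bound to no IP configuration and no NAT gateway
$findings += @(Get-AzPublicIpAddress |
    Where-Object { -not $_.IpConfiguration -and -not $_.NatGateway } |
    Select-Object @{n='Category';e={'OrphanedPublicIp'}}, Name, ResourceGroupName)

# NSGs associated with no NIC and no subnet
$findings += @(Get-AzNetworkSecurityGroup |
    Where-Object { $_.NetworkInterfaces.Count -eq 0 -and $_.Subnets.Count -eq 0 } |
    Select-Object @{n='Category';e={'UnusedNsg'}}, Name, ResourceGroupName)

# Managed disk snapshots created before the retention cutoff
$findings += @(Get-AzSnapshot |
    Where-Object { $_.TimeCreated -and $_.TimeCreated -lt $cutoff } |
    Select-Object @{n='Category';e={'OldSnapshot'}}, Name, ResourceGroupName)

# Per-category counts first, then the full candidate list for review
$findings | Group-Object Category | Select-Object Name, Count | Format-Table -AutoSize
$findings | Sort-Object Category, ResourceGroupName, Name | Format-Table -AutoSize
```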

Requirements

To use the Azure Resource Cleanup script, ensure the following prerequisites are met:

  • PowerShell Version: 5.1 or higher
  • Az PowerShell Module: Install using the command: Install-Module -Name Az
  • Azure Account Permissions: Ensure appropriate permissions to view and delete resources.

Usage

Reporting Mode

Run the script in reporting mode to generate a detailed report of orphaned resources:

.\Azure-Resource-Cleanup.ps1  


Cleanup Mode

To delete identified resources, use the cleanup mode:

.\Azure-Resource-Cleanup.ps1 -DeleteResources  

Customize Snapshot Retention

Specify snapshot retention days to identify older snapshots for cleanup:

.\Azure-Resource-Cleanup.ps1 -SnapshotRetentionDays 7 -DeleteResources  


Exclude Storage Snapshot Checks

Skip storage account blob and file share snapshot checks for large environments:

.\Azure-Resource-Cleanup.ps1 -IncludeStorageSnapshots:$false  


Important Notes

Run on Allowed Virtual Networks

Ensure the script is executed within an allowed virtual network. Due to network restrictions, some storage accounts may prohibit access to containers or file snapshots. If the storage account doesn’t support deletion operations, you may encounter errors when attempting to clean up these resources.

Test in Dev/Test Environments

It is strongly recommended to test the script in development or test environments before using it in production. This ensures that you can review the script’s behavior, identify potential issues, and verify the resources flagged for cleanup.

Use Report-Only Mode

For production environments, always start by running the script in report-only mode (without the -DeleteResources parameter). This provides a detailed report of orphaned resources, allowing you to review and validate the items flagged before initiating cleanup operations.


Parameters

The script supports several customizable parameters:

Parameter | Type | Default | Description
--------- | ---- | ------- | -----------
SnapshotRetentionDays | Integer | 3 | Retention period for snapshots (in days). Snapshots older than this will be flagged for cleanup.
DeleteResources | Switch | $false | Enables deletion of identified resources. By default, the script only reports.
IncludeStorageSnapshots | Switch | $true | Includes blob and file share snapshot checks. Set to $false to exclude these checks.

Report Output

The script generates detailed reports in a timestamped folder, including:

  • orphaned_nics.csv
  • old_managed_snapshots.csv
  • old_blob_snapshots.csv
  • old_fileshare_snapshots.csv
  • orphaned_disks.csv
  • orphaned_public_ips.csv
  • orphaned_nsgs.csv
  • unused_availability_sets.csv
  • empty_resource_groups.csv
  • unused_vnets.csv
  • subnet_ip_usage.csv
  • cleanup_log.txt (comprehensive log of actions performed)

Best Practices

  1. Start with Reporting Mode: Always run the script without the -DeleteResources parameter to review flagged resources.
  2. Review Reports: Carefully analyze the generated CSV files before initiating cleanup operations.
  3. Set Retention Periods: Customize snapshot retention periods based on organizational policies.
  4. Test in Non-Production Environments: Run the script in dev/test environments to validate its behavior before using it in production.
  5. Run on Allowed Virtual Networks: Ensure the script is executed within allowed vNets to avoid network-related errors for storage account cleanup.

Example Workflow

Follow this workflow to safely clean up Azure resources:

  1. Run the script in reporting mode: .\Azure-Resource-Cleanup.ps1
  2. Review the generated reports for flagged resources.
  3. Confidently proceed with cleanup mode: .\Azure-Resource-Cleanup.ps1 -DeleteResources
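
A review gate for step 2, as an added example that is not part of the project: it counts the rows in each report CSV and stops when a category is larger than expected, so an unexpectedly wide result is caught before -DeleteResources is used. The -ReportPath and -MaxPerCategory parameters are assumptions; the file names are the ones listed under Report Output.

```powershell
# Added example, not the project's code. Reads the report CSVs only.
# $ReportPath (the timestamped report folder) and $MaxPerCategory are assumed parameters.
param(
    [Parameter(Mandatory)][string]$ReportPath,
    [int]$MaxPerCategory = 25
)

# unused_vnets.csv is left out because VNets are only highlighted, never deleted;
# subnet_ip_usage.csv is left out on the assumption that it is informational.
$reports = 'orphaned_nics.csv', 'old_managed_snapshots.csv', 'old_blob_snapshots.csv',
           'old_fileshare_snapshots.csv', 'orphaned_disks.csv', 'orphaned_public_ips.csv',
           'orphaned_nsgs.csv', 'unused_availability_sets.csv', 'empty_resource_groups.csv'

$summary = foreach ($name in $reports) {
    $file    = Join-Path $ReportPath $name
    $present = Test-Path -Path $file -PathType Leaf
    # A missing file is shown as not present rather than guessed to mean "zero findings"
    $rows    = if ($present) { @(Import-Csv -Path $file).Count } else { 0 }
    [pscustomobject]@{
        Report      = $name
        Present     = $present
        Rows        = $rows
        NeedsReview = $rows -gt $MaxPerCategory
    }
}

$summary | Format-Table -AutoSize

if ($summary.NeedsReview -contains $true) {
    Write-Warning "At least one category exceeds $MaxPerCategory rows. Check those CSVs before running with -DeleteResources."
    exit 1
}
Write-Output 'No category exceeds the threshold. Review each CSV, then decide on cleanup mode.'
```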
