https://github.com/devwithkrishna/azure-terraforminator
A pipeline to delete unused resources in azure based on a specific tag
azure-sdk-for-python cron poetry python python3
Last synced: 10 months ago
- Host: GitHub
- URL: https://github.com/devwithkrishna/azure-terraforminator
- Owner: devwithkrishna
- License: mit
- Created: 2024-09-24T16:11:32.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2025-03-27T19:53:28.000Z (11 months ago)
- Last Synced: 2025-03-27T20:29:54.786Z (11 months ago)
- Topics: azure-sdk-for-python, cron, poetry, python, python3
- Language: Python
- Homepage:
- Size: 21.5 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# azure-terraforminator
A pipeline to delete unused resources in azure based on a specific tag
# What this does
* Reducing cloud costs and decommissioning unused resources are essential practices for efficient cloud management.
#### Cost Savings
* Pay-as-you-go model: Cloud services charge based on resource usage, so any unused or idle resources still incur costs. Decommissioning these saves money that can be allocated elsewhere.
* Hidden costs: Over-provisioned or forgotten services like unused VMs, storage, or databases can rack up unexpected costs over time.
#### Resource Optimization
* Avoid over-provisioning: Scaling down unused or underutilized resources ensures you're only paying for what you need, preventing waste.
* Better performance: By right-sizing resources, you allocate appropriate computing power to services, improving overall performance.
#### Improved Security
* Minimize attack surface: Decommissioning unused resources reduces potential vulnerabilities that could be exploited by attackers.
* Avoid data leakage: Retiring unnecessary storage or services prevents accidental exposure of sensitive data.
#### Operational Efficiency
* Simplified management: Fewer resources mean less administrative overhead in terms of monitoring, patching, and maintenance.
* Compliance and governance: Removing outdated or unnecessary assets helps maintain compliance with regulatory standards, as only necessary resources are active.
### This is defined in a way that it decommissions a resource group based on a specific tag in Azure. When the automation finds the `Temporary` tag with the value `TRUE`, it decommissions the resource group.
#### For the automation to work, we need a service principal that has at least Contributor permission at the subscription level, because deletion of resources is involved.
#### Configure the below environment variables as GitHub secrets
```markdown
AZURE_CLIENT_ID = "value"
AZURE_CLIENT_SECRET = "value"
AZURE_TENANT_ID = "value"
```
* The code uses Python, with Poetry as the package management tool.
* This job is set to run as a cron job every day, and can also be triggered manually if necessary.

This is a sample of the output showing which resources were deleted:
```markdown
The below resources are decommisioned on
+------------------------+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| Name | Type | ID | Resource Group Name |
+========================+===================================+====================================================================================================================================================+=======================+
| Name of resource | Type | Resource Id | Rg name |
+------------------------+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
| mystorageaccountswswwe | Microsoft.Storage/storageAccounts | /subscriptions/es271149ae-05d3-4dcsssf-b946-d71f3f39/resourceGroups/ARCHITECTS-3/providers/Microsoft.Storage/storageAccounts/mystorageaccountswswwe | ARCHITECTS-3 |
+------------------------+-----------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+
```
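
A dry-run planner for the tag rule described above, added here as an example and not taken from the azure-terraforminator code base. Only the `Temporary`/`TRUE` tag comes from the README; the sample inventory, the `locks` field, the protected list and the `review` outcome are assumptions made for illustration.

```python
"""Dry-run planner for tag-based resource group cleanup (added example)."""

TAG_NAME = "Temporary"   # tag name from the README
TAG_VALUE = "TRUE"       # tag value from the README

# Constructed sample inventory; the field names are assumptions for this example.
SAMPLE_GROUPS = [
    {"name": "ARCHITECTS-3", "tags": {"Temporary": "TRUE"}, "locks": []},
    {"name": "sandbox-42", "tags": {"temporary": "TRUE"}, "locks": []},
    {"name": "demo-env", "tags": {"Temporary": "true"}, "locks": []},
    {"name": "shared-network", "tags": {"Temporary": "TRUE"}, "locks": ["CanNotDelete"]},
    {"name": "prod-core", "tags": {"Temporary": "TRUE"}, "locks": []},
    {"name": "data-lake", "tags": None, "locks": []},
]

# Hypothetical deny list: groups that must never be deleted, whatever their tags.
PROTECTED = {"prod-core"}


def classify(group, protected=PROTECTED):
    """Return (decision, reason) for one resource group."""
    # Azure treats tag names as case-insensitive but tag values as case-sensitive.
    tags = {k.lower(): v for k, v in (group.get("tags") or {}).items()}
    value = tags.get(TAG_NAME.lower())
    if value is None:
        return "keep", "tag absent"
    if value != TAG_VALUE:
        # Near miss such as "true": surface it for review rather than guessing.
        return "review", f"tag value {value!r} is not {TAG_VALUE!r}"
    if group["name"].lower() in {p.lower() for p in protected}:
        return "keep", "on protected list"
    if group.get("locks"):
        return "keep", "management lock present: " + ", ".join(group["locks"])
    return "delete", "tag matches"


def plan(groups, protected=PROTECTED):
    """Build a dry-run plan: decision -> list of (name, reason)."""
    result = {"delete": [], "review": [], "keep": []}
    for g in groups:
        decision, reason = classify(g, protected)
        result[decision].append((g["name"], reason))
    return result


if __name__ == "__main__":
    for decision, items in plan(SAMPLE_GROUPS).items():
        for name, reason in items:
            print(f"{decision:<7} {name:<16} {reason}")
```

Printing the plan from a scheduled run before any deletion gives reviewers a record of what a Contributor-level service principal was about to remove and why.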