Azure Introduction
Azure Pricing
Azure Threats
Remove Unattached Virtual Machine Disk Volume
More Info:
Identify any unattached (unused) Microsoft Azure virtual machine disk volumes available within your Azure cloud account and delete them in order to lower the cost of your monthly bill and reduce the risk of sensitive data leakage.
Risk Level
Medium
Address
Security
Compliance Standards
HITRUST
Triage and Remediation
Remediation
Sure, here are the step-by-step instructions to remediate the “Remove Unattached Virtual Machine Disk Volume” misconfiguration for Azure using the Azure console:
- Log in to the Azure portal (https://portal.azure.com/).
- Click on the “Virtual machines” option in the left-hand menu.
- Select the virtual machine that has the unattached disk volume you want to remove.
- Click on the “Disks” option in the left-hand menu.
- Identify the unattached disk volume by looking for the “Unattached” status in the “Status” column.
- Select the unattached disk volume by clicking on its name.
- Click on the “Delete” button in the top menu bar.
- In the confirmation window, click on the “Yes” button to confirm that you want to delete the unattached disk volume.
That’s it! The unattached virtual machine disk volume has been successfully removed from your Azure account.
To remediate the “Remove Unattached Virtual Machine Disk Volume” misconfiguration for AZURE using AZURE CLI, you can follow these step-by-step instructions:
-
Open the AZURE CLI on your computer.
-
Run the following command to list all the virtual machines in your subscription:
az vm list --query "[].{name:name,resourceGroup:resourceGroup}" --output tableThis will list all the virtual machines in your subscription along with their resource group.
-
Identify the virtual machine for which there are unattached disks.
-
Run the following command to list all the disks in your subscription:
az disk list --query "[].{name:name,resourceGroup:resourceGroup}" --output tableThis will list all the disks in your subscription along with their resource group.
-
Identify the unattached disks that belong to the virtual machine identified in step 3.
-
Run the following command to delete the unattached disk:
az disk delete --name <disk-name> --resource-group <resource-group-name>Replace
<disk-name>with the name of the unattached disk and<resource-group-name>with the name of the resource group the disk belongs to. -
Confirm the deletion by typing “y” when prompted.
-
Repeat steps 6 and 7 for all the unattached disks that belong to the identified virtual machine.
-
Verify that all the unattached disks have been deleted by running the command in step 4 again.
This completes the remediation of the “Remove Unattached Virtual Machine Disk Volume” misconfiguration for AZURE using AZURE CLI.
To remediate the “Remove Unattached Virtual Machine Disk Volume” misconfiguration in Azure using Python, you can follow the below steps:
- Import the necessary libraries:
from azure.identity import DefaultAzureCredential
from azure.mgmt.compute import ComputeManagementClient
- Authenticate with Azure using the
DefaultAzureCredentialclass:
credential = DefaultAzureCredential()
subscription_id = "your_subscription_id"
compute_client = ComputeManagementClient(credential, subscription_id)
- Get a list of all virtual machines in the subscription:
vm_list = compute_client.virtual_machines.list_all()
- For each virtual machine, get a list of all the disk volumes attached to it:
for vm in vm_list:
vm_id = vm.id
vm_name = vm.name
vm_rg_name = vm_id.split('/')[4]
vm_disk_list = compute_client.disks.list_by_vm(vm_rg_name, vm_name)
- For each disk volume, check if it is attached to any virtual machine. If it is not attached, delete the disk volume:
for disk in vm_disk_list:
disk_id = disk.id
disk_name = disk.name
disk_rg_name = disk_id.split('/')[4]
disk_attach = compute_client.disks.list_vm_attachments(disk_rg_name, disk_name)
if not disk_attach:
compute_client.disks.delete(disk_rg_name, disk_name)
- Run the Python script and verify that all unattached disk volumes have been removed.
Note: Make sure to test the script in a non-production environment before running it in a production environment.