I have been investigating the various products that Microsoft's Azure has to offer on and off for about a year now.
I have setup a couple of App Services which operate against some SQL databases hosted on their servers.
All seems to work fine.
I am now looking to tidy up a bit and have selected the ResourceGroup which contains everything.
There appear to be some services within this group which I dod not remember creating. I'm not saying I didn't do so whilst experimenting and exploring, but I'm really not sure.
I'd like to get rid of anything which is unnecessary, but I'm having difficulty determining what is and isn't required.
Obviously I don't want to kill anything which is actively being used.
Here is a list of unfamiliar things which appear to be in my ResourceGroup
- XYZ-Vnet - Virtual Network
- LiveLoadBalancer - Load Balancer
- LiveLoadBalancer - Public IP Address
- NextSpace_OsDisk1YadaYadaYada - Disk
- NextSpace558 - Network Interface
- NextSpace-IP - Public IP Address
- NextSpace-nsg - Network Security Group
What steps can I take to determine the necessity of each of these?
Since there is alot of network related resources there, I would use Network Watcher and the Topology feature to see where the network interface is connected and so on.
It sounds like you have a mix of PaaS (Azure Web App) and IaaS (SQL on it's own servers). Since you say "Servers" I will assume these SQL boxes are in an Availability Set which puts the Load Balancer in play. IaaS also requires a VNet (every VM must be on a VNet). When creating a virtual machine using the Azure portal, the portal creates a network interface with default settings for you. Public IPs are needed if you wish to connect from the Internet. If you have a VPN or ExpressRoute, you can forgo them. And finally a Network Security Group is deployed by default with you VNet (think if it as ACL's). All NSG's have default rules to help protect you VM's. There is nothing to stop you from removing your NSG but I would not recommend it, especially if those VM's have public IP addresses as adversaries are constantly probing for open ports on VM's in our IP ranges to exploit.
If you wish to learn more about Azure Virtual Machines I would suggest this course on Edx.
You can also look in Activity Log of Resource Group to see who is operating with those resources. Logs are saved for 30 days, so if resources were created recently you will see the name of the person who added the resource in your resource group.