How to check if Azure Vnet is in use

Question

I am using Az PowerShell module. I want to do the following things.

Verify that the specified azure vnet is not in use.
If it is not in use, delete the VNET.

The easiest way to verify if the VNET is in use, is to use Remove-AzVirtualNetwork in PowerShell and see if it throws an error. I would like to know if there is a better way to do this.

define `in use`? it could be in use without any ip addresses assigned to it — 4c74356b41, Dec 11 '19 at 06:51

score 0 · Answer 1 · answered Dec 11 '19 at 06:37

0

I may suggest you use Get-AzVirtualNetworkUsageList to gets per subnet usage.

The value of CurrentValue shows the assigned private IP usage. If it is greater than 0, then the network should be in use.

answered Dec 11 '19 at 06:37

Jack Jia

5,268
1
12
14

Only checks Private IP adres uasge, doesn't check for delegation to an app service for outbound traffic for example. – r3verse Feb 21 '22 at 13:14

score 0 · Answer 2 · edited Feb 13 '21 at 20:08

Ref Link: https://learn.microsoft.com/en-us/powershell/module/az.network/get-azvirtualnetworkusagelist?view=azps-5.5.0

#Fetch the VNet Configuration

$VNetDetails=Get-AzVirtualNetwork -Name "<VirtualNetworkName>"-ResourceGroupName "<ResourceGroupName>"

#Fetch the SubnetConfig from the VNETConfig

$VnetSubnetConfig=Get-AzVirtualNetworkSubnetConfig -Name "<SubnetName>" -VirtualNetwork $VNetDetails

#Fetch the IPUsage from the SubnetID.

$PrivateIPUsage=Get-AzVirtualNetworkUsageList -ResourceGroupName "<ResoruceGroupName>" -Name "<VirtualNetworkName>" | where ID -eq $VnetSubnetConfig.id

[int] $TotalIPLimit=$PrivateIPUsage.Limit
[int] $TotalIPUsed=$PrivateIPUsage.CurrentValue

if($TotalIPUsed -lt $TotalIPLimit)
{

    Write-Host "Private IP's are available in this Subnet for Usage."

}

else

{

    Write-Host "Private IP's are not available in this Subnet for Usage."

}

Only checks Private IP adres uasge, doesn't check for delegation to an app service for outbound traffic for example. — r3verse, Feb 21 '22 at 13:14

score 0 · Answer 3 · answered Nov 17 '22 at 07:34

If you need to also check service links

$result = az rest --method get --url 
'https://management.azure.com/subscriptions/xxxx-xxx-xxx/resourceGroups/networks-prd-rg- 
we/providers/Microsoft.Network/virtualNetworks/ntw_awe_prd_10.24.0.0_18? 
api-version=2021-02-01' `
| ConvertFrom-Json

$withServiceLinks = $result.properties.subnets.Where({$null -ne 
$PSItem.properties.serviceAssociationLinks})

foreach ($subnet in $withServiceLinks) {
   foreach ($serviceAssociationLink in 
      $subnet.properties.serviceAssociationLinks) {
        $serviceAssociationLink.properties.link
   }
}

This will show all the services linked. Of course you'll need to change the url or use az network vnet commands to get all the networks and iterate over them.

score -1 · Accepted Answer · answered Dec 11 '19 at 06:51

Here is a snippet from a working script is created a while back that does the trick

$vnetname = ""
$vnetrgname = ""
$VNet = Get-AzVirtualNetwork -Name $vnetname -ResourceGroupName $vnetrgname
$ips = $VNet.Subnets | % {($_.IpConfigurations).Count}
$total = ($ips | Measure-Object -Sum).Sum
if ($total -eq "0")
{
Write-Host -ForegroundColor Green "Virtual Network '$vnetname' not in use, deleting Virtual Network"
Remove-AzVirtualNetwork -Name $vnetname -ResourceGroupName $vnetrgname -Force
}
Else 
{
Write-Host -ForegroundColor  Yellow -BackgroundColor Black "Virtual Network '$vnetname' in use, Skipping deletion of Virtual Network"
}

Original script:

https://raw.githubusercontent.com/hhazeley/HannelsToolBox/master/Functions/Remove-AzureV2VMandResources.ps1

IpConfigurations can be empty but it can still be in use by app service delegation for example. Thus, it should also check the ServiceAssociationLinks element in the subnets object. — r3verse, Feb 21 '22 at 13:17

How to check if Azure Vnet is in use

4 Answers4