Azure Virtual Network Gateway has no connections
- Contextual name: Virtual Network Gateway has no connections
- ID:
/ce/ca/azure/virtual-network/virtual-network-gateway-without-connection
- Tags:
- Policy with categories
- Policy with type
- Production policy
- Policy Type:
COMPLIANCE_POLICY
- Policy Categories:
COST
Logic
- prod.logic.yaml
Description
Ensure that Azure Virtual Network Gateway has at least one connection. Delete unnecessary gateways that don't have any connections. A gateway provisioned but not actively connected represents wasted cost.
Azure Virtual Network Gateway should have at least one active connection. VPN Gateways without any established connections should be decommissioned to eliminate avoidable costs.
Rationale
Azure Virtual Network Gateways incur charges regardless of whether they are actively used. Gateways without configured connections often indicate misconfigurations or abandoned infrastructure. Identifying and removing such resources helps optimize network architecture, reduce unnecessary expenditure, and improve operational hygiene.
Audit
This policy marks an Azure Virtual Network Gateway as INCOMPLIANT if it has no related Azure Virtual Network Gateway Connections, indicating that it is not currently participating in any site-to-site, point-to-site, or VNet-to-VNet VPN configurations.
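The audit rule above can be reproduced outside the policy engine. The following is an added example, not the contents of prod.logic.yaml or any Cloudaware code: it assumes gateway and connection records shaped like the JSON returned by `az network vnet-gateway list` and `az network vpn-connection list`, and all names and IDs in the sample data are constructed.

```python
SUB = "/subscriptions/00000000-0000-0000-0000-000000000000"  # constructed

def gw_id(rg, name):
    """Build a gateway resource ID for the constructed sample data."""
    return (f"{SUB}/resourceGroups/{rg}/providers/Microsoft.Network"
            f"/virtualNetworkGateways/{name}")

# Constructed sample shaped like `az network vnet-gateway list` output.
GATEWAYS = [
    {"name": "gw-hub", "id": gw_id("rg-net", "gw-hub")},
    {"name": "gw-spoke", "id": gw_id("rg-net", "gw-spoke")},
    {"name": "gw-orphan", "id": gw_id("rg-net", "gw-orphan")},
]

# Constructed sample shaped like `az network vpn-connection list` output.
CONNECTIONS = [
    # Site-to-site: only gateway 1 is set; ID casing differs from the list.
    {"name": "conn-onprem", "connectionType": "IPsec",
     "virtualNetworkGateway1": {"id": gw_id("RG-NET", "GW-HUB")},
     "virtualNetworkGateway2": None},
    # VNet-to-VNet: the audited gateway appears as the second endpoint.
    {"name": "conn-v2v", "connectionType": "Vnet2Vnet",
     "virtualNetworkGateway1": {"id": gw_id("rg-remote", "gw-remote")},
     "virtualNetworkGateway2": {"id": gw_id("rg-net", "gw-spoke")}},
]

def _norm(resource_id):
    # Azure resource IDs are case-insensitive, so compare them lower-cased.
    return resource_id.rstrip("/").lower()

def connected_gateway_ids(connections):
    """Collect the IDs of every gateway referenced by any connection."""
    ids = set()
    for conn in connections:
        for side in ("virtualNetworkGateway1", "virtualNetworkGateway2"):
            ref = conn.get(side) or {}
            if ref.get("id"):
                ids.add(_norm(ref["id"]))
    return ids

def incompliant_gateways(gateways, connections):
    """Return names of gateways that no connection references."""
    used = connected_gateway_ids(connections)
    return [gw["name"] for gw in gateways if _norm(gw["id"]) not in used]

if __name__ == "__main__":
    for name in incompliant_gateways(GATEWAYS, CONNECTIONS):
        print(f"INCOMPLIANT: {name}")
```

Connections can live in a different resource group from the gateway they reference, so gather connection records across the whole subscription before running the comparison.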
Remediation
Delete the Unused Virtual Network Gateway
If a Virtual Network Gateway is confirmed to have no active connections and is not required for current or future network configurations, it should be deleted to prevent ongoing charges and reduce infrastructure complexity.
Azure CLI
az network vnet-gateway delete \
  --name {{gateway-name}} \
  --resource-group {{resource-group-name}}
PowerShell
Remove-AzVirtualNetworkGateway `
  -Name "{{gateway-name}}" `
  -ResourceGroupName "{{resource-group-name}}"
Considerations
- Confirm that the gateway is not reserved for planned VPN or ExpressRoute configurations.
- Ensure no virtual network or hybrid connectivity scenarios depend on the gateway being removed.
policy.yaml
Linked Framework Sections
Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
---|---|---|---|---|---|
Cloudaware Framework → Waste Reduction | 25 | no data |