fix: orphaned resources query bugs + doc cleanup#31
Merged
msftnadavbh merged 1 commit intomainfrom Mar 3, 2026
Merged
Conversation
- Fix SQL Elastic Pools query: add leftanti join to filter for pools with no databases (previously flagged ALL pools as orphaned) - Fix Private Endpoints query: check both privateLinkServiceConnections and manualPrivateLinkServiceConnections to avoid false positives on manual-approval endpoints - Update USAGE_EXAMPLES.md: replace stale NIC/NSG references with the current 11 resource types - Update CHANGELOG.md: add v3.4.0 entry for Databricks tools (PR #28) and orphaned resources expansion + fixes (PR #30) - Align formatters.py section dividers for consistency
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Fixes two bugs in the orphaned resource detection queries introduced in PR #30and cleans up stale documentation left behind after the NIC/NSG removal.
Bug Fixes
1. SQL Elastic Pools query — missing filter (High severity)
The
ORPHANED_SQL_ELASTIC_POOLS_QUERYhad nowhereclause to filter for empty pools — it flagged every elastic pool in the tenant as orphaned, including pools actively hosting databases.Fix: Added a
leftantijoin againstmicrosoft.sql/servers/databasesso only pools with zero databases are returned.2. Private Endpoints query — false positives on manual-approval endpoints (Medium severity)
The query only checked
privateLinkServiceConnectionsbut Azure Private Endpoints also usemanualPrivateLinkServiceConnectionsfor manual approval workflows. Endpoints created with manual approval were incorrectly flagged as orphaned.Fix: Now checks both
privateLinkServiceConnectionsandmanualPrivateLinkServiceConnectionsarrays, including their respective connection states.Documentation Updates
[3.4.0]entry covering Databricks tools (PR Add Azure Databricks DBU pricing tools #28) and orphaned resources expansion + fixes (PR feat: update orphaned resource detection to 11 resource types, Remove… #30)Testing
All 188 tests pass (includes 31 orphaned resource tests + 27 new Databricks tests).