Episode Details

Cloud platforms love to promise efficiency. Azure tells you to pay only for what you use. But most organizations are not paying for active usage anymore. They are paying for forgotten infrastructure, abandoned projects, stale environments, orphaned disks, idle virtual machines, and resources nobody remembers creating. The billing meter never stops simply because a sprint ended or a team moved on. That is the real problem with manual governance. Cleanup depends on memory, spare time, and someone eventually noticing the cost report after the spend has already landed. Finance sees rising cloud bills. Engineering starts hunting through old tickets. Teams debate ownership while unused resources continue burning budget in the background. The cloud makes spinning things up incredibly easy, but shutting things down safely and consistently is where most organizations fail. In this episode, Mirko Peters breaks down how to build an automated Azure cleanup engine that removes waste before it scales into chaos. Instead of relying on manual reviews and reactive cost reports, the model combines Azure Policy, intelligent tagging, Resource Graph, and Logic Apps to continuously identify resources that no longer deserve to exist. The result is a governance approach that moves from “someone should clean this up” to a repeatable lifecycle control system that actually works.

WHY CLOUD WASTE NEVER REALLY GOES AWAY

Most cloud waste is not caused by oversized virtual machines or premium database tiers. The deeper issue is lifecycle drift. Projects start quickly, teams deploy temporary resources, proof-of-concept environments get created, and then priorities change. The work disappears, but the infrastructure survives. Over time, these forgotten assets turn into background noise that quietly inflates cloud spend month after month. Weak tagging makes the problem even worse. When resources lack ownership, expiry dates, or cost center alignment, cloud bills lose context. Organizations can see the spend, but they cannot see the story behind it. Accountability becomes blurry, cleanup slows down, and manual governance creates endless delays that protect waste instead of eliminating it. This episode explains why governance fails when it sits outside the delivery process and why the solution is not more reports, but stronger lifecycle enforcement built directly into the platform. 

THE GOVERNANCE MODEL BEHIND THE CLEANUP ENGINE

The architecture is intentionally simple:

• Azure Policy becomes the law
• Tags provide the operational context
• Logic Apps execute the cleanup actions
• Resource Graph continuously discovers lifecycle drift

Mirko walks through how to structure governance correctly using management groups, resource group inheritance, audit-first rollout strategies, and progressive enforcement models that move from Audit to Modify and finally to Deny once the organization is ready. You will learn why governance systems often fail when policies, automation, and tagging become overly complex — and how keeping the model small and explainable dramatically improves adoption and trust across engineering teams.

THE TAGGING STRATEGY THAT MAKES SAFE DELETION POSSIBLE

Tags are not decorative metadata. They are the decision engine behind automated cleanup. This episode explores the exact tag model needed to support safe lifecycle automation, including:

• Owner
• Environment
• CostCenter
• ExpiryDate or TTL
• CleanupAction
• ExceptionReason

You will hear why strong tagging transforms deletion from a risky guess into a controlled operational decision, and why inheritance through resource groups is far more scalable than forcing manual tagging on every deployment. Mirko also explains how poor taxonomy design destroys automation credibility, why free-text exception handling creates governance d