Cannot remove DDoS Protection Delete Issues

주승환 0 Reputation points
2023-09-21T12:43:37.2866667+00:00

Hello,

Unable to delete resource DDoS Protection Plans

The Error Messages are as follows

===

DDoS protection plans(/subscriptions/xxx/resourceGroups/test-poc-kc-network-rg/providers/Microsoft.Network/ddosProtectionPlans/ddos-ip-plan) cannot be deleted because they are in use for virtual networks.

You cannot delete /subscriptions/xxx/resourceGroups/test-poc-kc-network-rg/providers/Microsoft.Network/publicIPAddresses/test-poc-kc-dmz-agw-pip because it is in use.

(* xxx is the subscription name)

===

All but these resources are currently deleted

Only ddos resource("ddos-ip-plan") are not removed

"test-poc-kc-dmz-agw-pip" is also removed.. Is this a bug?

Currently, I can't open the support ticket

Is there a solution?

Azure DDos Protection
Azure DDos Protection
An Azure service that provides defense against distributed denial-of-service (DDoS) attacks.
63 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. ChaitanyaNaykodi-MSFT 23,031 Reputation points Microsoft Employee
    2023-09-22T02:53:54.65+00:00

    @주승환

    Thank you for reaching out.

    I understand you are unable to delete the DDOS protection plan and unable to diss-associate from the Virtual Network as it has been deleted and only the DDOS protection plan remains.

    DDoS protection plans cannot be deleted if they are associated with a virtual network. So the first step is to disassociate both objects. Although the VNET is deleted, I think it is still worth a try and see if you can still try to diss-associate the DDOS plan from the Virtual Network using Azure CLI as shown here and see if that helps in deletion.

    az network vnet update \
    --resource-group MyResourceGroup \
    --name MyVnet \
    --ddos-protection-plan MyDdosProtectionPlan \
    --ddos-protection false

    Follow this command if it is DDOS IP Protection plan.

    If not tried already another approach you can take here is to try and remove the DDOS plan using PowerShell Command shown here.

    Remove-AzDdosProtectionPlan -ResourceGroupName ResourceGroupName -Name DdosProtectionPlan

    If you are still unable to delete the DDOS plan, I think a support ticket will be required in this case as a support engineer can involve backend team to help resolve this issue. From you question I understand you do not have a support plan. In this case could you please send an email to azcommunity@microsoft.com with the below details. I will create a one-time support ticket for you in this case.

    Subject : Attn Chaitanya

    Thread URL: Link to this thread.

    Subscription ID

    Please let me know once you have done the same.

    0 comments