Hello Magnus Eriksen,
Greetings! Welcome to Microsoft Q&A Platform.
There are scenarios when pulumi destroy
will fail to delete resources as expected. This is anticipated due to the nature of cloud provider dependencies, permissions, resources being in a state that prevents their deletion, or when a timeout is not long enough for the cloud provider to complete its operation. Review the output to identify which resources were not deleted and consider the following steps depending on the nature of the failure.
Check to see if a resource was deleted after all
Some resources take time to be removed. Common examples include CloudFront Lambda@Edge functions, which will fail to destroy
but will eventually disappear without requiring further action. In these cases, you can wait and run pulumi refresh
to see if the cloud provider was able to remove the resource.
Check dependencies
If the issue is due to dependencies, identify and delete the dependent external resources manually. This may involve navigating the cloud provider’s console or using its CLI to pinpoint and resolve these dependencies.
Empty or adjust resources
Occasionally a resource cannot be deleted because it contains data or uses network interfaces or other dependencies managed outside the stack. Common examples include deleting VPCs with EINs attached elsewhere or deleting a security group when it is in use. You will need to evaluate the dependencies given the failure and take the necessary actions to resolve this on each provider resource.
Delete resources manually
For each resource that couldn’t be deleted, use the cloud provider’s console or CLI to manually delete it. This may be necessary for resources in a locked state or those with specific permissions preventing automated deletion.
Once you have resolved the source of the deletion failure, you can run pulumi refresh
to validate that all of your resources are destroyed. This command will update your Pulumi state to reflect the current state in the cloud, effectively recognizing any manual deletions or changes that occurred outside of Pulumi’s management.
refer - https://www.pulumi.com/docs/support/troubleshooting/ for more detailed guidance.
Normally, from the activity logs on the Resource group level you should be able to see the Storage account deletion operation which will provide you the Event Initiated by details.
Hope this answer helps! Please let us know if you have any further queries. I’m happy to assist you further.
Please do not forget to "Accept the answer” and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.