Share via

Cannot delete Virtual Network/Enterprise Policy

Joshua Trzcienski 0 Reputation points
2024-12-20T20:20:58.29+00:00

I have been trying to setup the virtual network connection between the Power Platform and Azure, and in doing so it involves creating two virtual networks that delegate a subnet to Microsoft.PowerPlatform/enterprisePolicies. In the same resource group there is an Enterprise Policy that was created that has the virtual network information to be used by the Power Platform environment.

The issue I am having is that even after removing the network injection policy from the Power Platform environment, I am unable to delete any of the virtual networks or the enterprise policy. I created a separate RG and followed the same steps for setup, and once I unlinked the policy from the environment everything was deleted with no issues, but this environment I still cannot delete anything.

Error when trying to delete the enterprise policy: InputValidationError

Error when trying to delete the virtual networks: Subnet is in use by PowerPlatformServiceLink and cannot be deleted. In order to delete the subnet, delete all the resources within the subnet (InUseSubnetCannotBeDeleted).

There does not seem to be anything in either vNet in terms of resources, but I cannot remove the delegation either as I get a similar error message as above. I was also unable to remove Microsoft.PowerPlatform as a resource provider for the subscription as well.

Link to the guide I was using to setup the vNet support: https://learn.microsoft.com/en-us/power-platform/admin/vnet-support-setup-configure

Azure Virtual Network
Azure Virtual Network
An Azure networking service that is used to provision private networks and optionally to connect to on-premises datacenters.
2,591 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Vinodh247 26,696 Reputation points MVP
    2024-12-21T16:04:03.3166667+00:00

    Hi ,

    Thanks for reaching out to Microsoft Q&A.

    The issue of not being able to delete virtual networks or the enterprise policy is likely due to dependencies and locks associated with the Microsoft.PowerPlatform/enterprisePolicies delegation. To resolve this, ensure the Power Platform environment is fully unlinked from the enterprise policy and virtual network. Verify there are no residual dependencies, such as private endpoints or network interfaces, linked to the subnet, and confirm that the delegation has been removed. Additionally, check for any resource locks applied to the virtual network or policy and remove them if present. If the Microsoft.PowerPlatform resource provider cannot be unregistered, ensure it is not being actively used by other environments. If these steps do not resolve the issue, the problem may require assistance from Azure Support to forcefully remove the delegation or any underlying configurations preventing deletion.

    Check if there are any residual dependencies in the virtual network or subnets, such as:

    • Private Endpoints linked to the vNet.
    • Network Interfaces that might still be associated.
    • Any other services or configurations that could be using the subnet.

    Use the following Azure CLI command to identify resources associated with the subnet

    az network vnet subnet show --resource-group <resource-group-name> --vnet-name <vnet-name> --name <subnet-name>

    The error indicates that the subnet is delegated to Microsoft.PowerPlatform/enterprisePolicies. Attempt to remove this delegation explicitly:

    az network vnet subnet update --resource-group <resource-group-name> --vnet-name <vnet-name> --name <subnet-name> --remove delegations

    If this fails, it might mean the delegation is still actively tied to the Power Platform environment. Check the Power Platform admin portal to ensure:

    • The environment is unlinked from the vNet.
    • Any policies associated with the environment are removed.

    Please feel free to click the 'Upvote' (Thumbs-up) button and 'Accept as Answer'. This helps the community by allowing others with similar queries to easily find the solution.

    0 comments
  2. KapilAnanth-MSFT 48,261 Reputation points Microsoft Employee
    2024-12-23T09:29:12.9566667+00:00

    @Joshua Trzcienski ,

    Welcome to the Microsoft Q&A Platform. Thank you for reaching out & I hope you are doing well.

    This error occurs when you delete the VNET Integrated PaaS service without unlinking the VNET.

    • The SAL (Service Association Link) is left undeleted and thus remains in the VNET
    • As next steps, you can re-create the PaaS Service (Power App Enterprise policy) with same name and properties and integrate it into the same subnet where the error occurs
    • Once done, this time unlink the Power Platform and then delete the VNET
      • And then delete the Power Platform once the VNET is deleted
    • See : Virtual Network support overview | Power Platform

    If the above does not help, in order to troubleshoot further, we will need a specialized 1:1 session, where a support engineer can check the backend logs to pinpoint the issue.

    If you have a support plan you may file a support ticket, else please do let us know, we will try and help you get a one-time free technical support.

    Cheers,

    Kapil

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.