Hi, This load balancer and it's IP address is something that gets created in the backend when you create Application Gateway. Looks like the deletion is not clean and needs manual clean up. There is nothing that you can do to fix this. Please raise a ticket with support and they can help in cleaning up this resource from backend.
Public IP Address linked to load balancer I didn't create
I created an Application Gateway with associated resources, a virtual network, public IP address, NSGs, and WAF using Bicep Templates. Once done, I tried deleting the resource group I created, and it said it failed. All that's left in the RG is the public IP address, and virtual network. The public IP address is associated with a load balancer that seems to exist in a different tenant and subscription. This is the error I get:
You do not have authorization to access this resource.
Resource ID: /subscriptions/db84baa0-4d8e-4f60-a896-a2e28675ceef/resourceGroups/armrg-1625adf0-8fb8-407a-807b-a3e164b9aa90/providers/Microsoft.Network/loadBalancers/appgwLoadBalancer
Status Code: 401
Status Message: The access token is from the wrong issuer 'https://sts.windows.net/aee1d42e-29d0-401f-b3a7-4dfa337692cc/'. It must match the tenant 'https://sts.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later.
So I can't access the load balancer to dissociate the IP address.
The other thing is that the virtual network has some VM scale sets seemingly from the app gateway under connected devices. When I click on them, I get the following error:
resource Id: /subscriptions/db84baa0-4d8e-4f60-a896-a2e28675ceef/resourceGroups/armrg-1625adf0-8fb8-407a-807b-a3e164b9aa90/providers/Microsoft.Compute/virtualMachineScaleSets/appgw/virtualMachines/0, API version: 2022-03-01, {"code":"InvalidAuthenticationTokenTenant","message":"The access token is from the wrong issuer 'https://sts.windows.net/aee1d42e-29d0-401f-b3a7-4dfa337692cc/'. It must match the tenant 'https://sts.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d/' associated with this subscription. Please use the authority (URL) 'https://login.windows.net/33e01921-4d64-4f8c-a055-5bdaffd5e33d' to get the token. Note, if the subscription is transferred to another tenant there is no impact to the services, but information about new tenant could take time to propagate (up to an hour). If you just transferred your subscription and see this error message, please try back later."}
So I cannot delete the VNet as it has connected devices I cannot access.
I did not create the load balancer, and I'm unsure how the scale sets work.
-
msrini-MSFT 9,266 Reputation points Microsoft Employee
2023-12-07T04:08:22.71+00:00