Delete a Subnet from an Azure Virtual Network

This document outlines the steps and considerations for deleting a subnet from an existing Azure Virtual Network (VNet). Deleting a subnet is a permanent operation and cannot be undone.

Important: Before proceeding with the deletion, ensure that no resources are currently deployed within the subnet you intend to delete. Resources such as virtual machines, Azure SQL databases, or other services using the subnet's IP addresses will become inaccessible or may fail if the subnet is deleted.

Prerequisites

An Azure subscription.
An existing Azure Virtual Network with at least one subnet.
Permissions to manage the virtual network and its subnets (e.g., Contributor, Network Contributor, or Owner role).

Steps to Delete a Subnet

Azure Portal Azure CLI Azure PowerShell

Using the Azure Portal

1. Navigate to your Virtual Network

Sign in to the Azure portal. In the search bar at the top, type "Virtual networks" and select the Virtual Networks service. Locate and select the virtual network that contains the subnet you wish to delete.

2. Access Subnets Configuration

In the virtual network's menu, under 'Settings', select Subnets.

3. Select and Delete the Subnet

You will see a list of all subnets within your virtual network. Find the subnet you want to delete, click on its name to select it, and then click the Delete button at the top of the subnet list.

4. Confirm Deletion

A confirmation dialog will appear. Read the warning carefully. If you are sure you want to delete the subnet and have confirmed no resources are using it, type the name of the subnet in the confirmation box and click Delete.

Using the Azure CLI

You can delete a subnet using the Azure CLI with the following command:

az network vnet subnet delete \
  --resource-group  \
  --vnet-name  \
  --name

Tip: Replace <YourResourceGroupName>, <YourVirtualNetworkName>, and <YourSubnetName> with your actual resource group name, virtual network name, and subnet name.

1. Install and Log In to Azure CLI

Ensure you have the Azure CLI installed and are logged in to your Azure account. If not, follow the Azure CLI installation guide and use az login.

2. Execute the Delete Command

Open your terminal or command prompt and run the command, replacing the placeholders with your specific details. The command will prompt for confirmation.

3. Verify Deletion (Optional)

You can list the subnets in your VNet to confirm the deletion:

az network vnet subnet list \
  --resource-group  \
  --vnet-name  \
  --output table

Using Azure PowerShell

You can delete a subnet using Azure PowerShell with the following command:

Remove-AzVirtualNetworkSubnetConfig `
  -Name "" `
  -VirtualNetworkName "" `
  -ResourceGroupName ""

Tip: Replace <YourSubnetName>, <YourVirtualNetworkName>, and <YourResourceGroupName> with your actual subnet name, virtual network name, and resource group name.

1. Install and Connect to Azure PowerShell

Ensure you have the Azure PowerShell module installed and are connected to your Azure account. If not, follow the Azure PowerShell installation guide and use Connect-AzAccount.

2. Execute the Delete Command

Open your PowerShell console and run the command, replacing the placeholders with your specific details. You will be prompted to confirm the deletion.

3. Verify Deletion (Optional)

You can retrieve the virtual network configuration to verify the subnet has been removed:

Get-AzVirtualNetwork `
  -Name "" `
  -ResourceGroupName "" `
  | Select-Object -ExpandProperty Subnets

Important Considerations Before Deleting

Resource Dependency: This is the most critical point. If any Azure resource is deployed within the subnet (e.g., Virtual Machines, Load Balancers, Application Gateways, AKS node pools, Azure SQL Managed Instances, App Service Environments), the deletion will fail, or worse, impact the functionality of those resources. Always ensure the subnet is empty.
IP Address Leases: When a subnet is deleted, any IP address leases associated with resources within that subnet are released.
Associated Services: Deleting a subnet might affect services that depend on its IP address range, such as Network Security Groups (NSGs) or User Defined Routes (UDRs) that specifically target the subnet. While NSGs are associated with NICs or subnets, deleting the subnet itself doesn't automatically delete the NSG, but its applicability might change.
Permanent Action: Subnet deletion is irreversible. Once deleted, the subnet and its associated IP address space are gone. You would need to recreate it if required.

Be extremely cautious when deleting subnets in production environments. It is highly recommended to perform such operations during scheduled maintenance windows and to have a rollback plan.

Troubleshooting Deletion Failures

If your subnet deletion fails, it's almost always due to resources being present in the subnet. The error message provided by Azure will usually indicate this. You can use the following steps to identify and remove the dependent resources:

Check Virtual Machines: Look for VMs whose network interfaces are configured to use an IP address within the subnet.
Check Load Balancers: Examine Load Balancer frontend and backend pool configurations.
Check Application Gateways: Review the IP configurations of your Application Gateways.
Check AKS Node Pools: If using Azure Kubernetes Service, node pools are provisioned within subnets.
Check other Azure Services: Many PaaS services can be deployed into VNets and use specific subnets.

Once all dependent resources are removed or reconfigured to use a different subnet or network, you can attempt the subnet deletion again.