SQL SERVER – Azure Key Vault Deletion Error – Vault ‘ProdRecoveryVault’ Cannot be Deleted as There are Existing Resources Within the Vault

SQL SERVER - Azure Key Vault Deletion Error - Vault 'ProdRecoveryVault' Cannot be Deleted as There are Existing Resources Within the Vault warning Along with my performance consulting, I also help many clients in fixing some quick issue. You can refer to various consulting services which I provide. This blog is an outcome of one such engagement where the has Azure Key vault and was not able to delete it. In this blog, we would learn about how to fix error Vault ‘Name’ cannot be deleted as there are existing resources within the vault.

Here is the complete error in the Azure portal.

Vault deletion error

Vault ‘ProdRecoveryVault’ cannot be deleted as there are existing resources within the vault. Please delete any replicated items, registered servers, Hyper-V sites (Used for Site Recovery). policy associations for System Center VMM clouds (Used for Site Recovery) and then delete the vault.

THE SOLUTION

While looking at key vault I found that it was not empty. Long-term protection data from Azure SQL databases which caused this error. I found below useful PowerShell script that will delete the content of the vault and then will delete the vault itself.

Login-AzureRmAccount
$ResourceGroupName = "Default-SQL-SouthIndia"             
$RecoveryServiceVaultName = "ProdRecoveryVault"                     
$Vault = Get-AzureRmRecoveryServicesVault -ResourceGroupName $ResourceGroupName -Name $RecoveryServiceVaultName
Set-AzureRmRecoveryServicesVaultContext -Vault $Vault
$Container = Get-AzureRmRecoveryServicesBackupContainer -ContainerType AzureSQL -FriendlyName $Vault.Name 
$Item = Get-AzureRmRecoveryServicesBackupItem -Container $Container -WorkloadType AzureSQLDatabase 
$Vault = Get-AzureRmRecoveryServicesVault -ResourceGroupName $ResourceGroupName -Name $RecoveryServiceVaultName 
Set-AzureRmRecoveryServicesVaultContext -Vault $Vault
$Containers = Get-AzureRmRecoveryServicesBackupContainer -ContainerType AzureSQL -FriendlyName $Vault.Name 
ForEach ($Container in $Containers) 
{
   $Items = Get-AzureRmRecoveryServicesBackupItem -container $Container -WorkloadType AzureSQLDatabase
   ForEach ($Item in $Items)
   {
      # Remove the backups from the vault
     Disable-AzureRmRecoveryServicesBackupProtection -item $Item -RemoveRecoveryPoints -ea SilentlyContinue
   }
   Unregister-AzureRmRecoveryServicesBackupContainer -Container $Container
}
Remove-AzureRmRecoveryServicesVault -Vault $Vault

After running above, we saw that vault got removed successfully. This was very interesting to me. Have you ever faced such a problem, if yes, how did you resolve the error?

Reference: Pinal Dave (https://blog.SQLAuthority.com)

Quest

Powershell, SQL Azure, SQL Scripts, SQL Server, SQL Server Security
Previous Post
SQL SERVER – How to Change Authentication Mode Using T-SQL Query
Next Post
SQL SERVER – Always On Secondary Replica Huge Redo Queue – Version Store is Full. New Version(s) Could Not be Added

Related Posts

Leave a Reply