This is due to a limitation in the api design for how destroy-controller works - it was only originally intended to nuke everything. Note that destroy-model will clean up the resources created by Juju in the user specified resource group, leaving any unmanaged resources in place.
We want to do this for destroy controller also, but the cloud providers in Juju were not originally designed to be able to access all the info needed from hosted models during the destroy workflow. The limitation is explained here
This is due to a limitation in the api design for how destroy-controller works - it was only originally intended to nuke everything. Note that destroy-model will clean up the resources created by Juju in the user specified resource group, leaving any unmanaged resources in place.
We want to do this for destroy controller also, but the cloud providers in Juju were not originally designed to be able to access all the info needed from hosted models during the destroy workflow. The limitation is explained here
https:/ /discourse. charmhub. io/t/juju- 2-9-new- azure-features- disk-encryption -byo-vnets- public- ip-constraint/ 4030
It will require non trivial implementation changes to fix.