If you try to remove a UDR from a subnet that contains private endpoints, you may get the following error:

Failed to dissociate subnet 'SubnetName'. Error: Private endpoint network policies cannot be enabled on private endpoint subnet 'FullPathSubnet' .

To resolve run the following command using Azure CLI. Keep the route table parameter blank.

az network vnet subnet update -g MyResourceGroup -n MySubnet --vnet-name MyVNet --route-table ""