diff --git a/changelogs/fragments/hcloud_firewall-deletion.yml b/changelogs/fragments/hcloud_firewall-deletion.yml
new file mode 100644
index 0000000..bb2d234
--- /dev/null
+++ b/changelogs/fragments/hcloud_firewall-deletion.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - hcloud_firewall - the deletion could fail if the firewall was referenced right before
diff --git a/plugins/modules/hcloud_firewall.py b/plugins/modules/hcloud_firewall.py
index a979e29..3460897 100644
--- a/plugins/modules/hcloud_firewall.py
+++ b/plugins/modules/hcloud_firewall.py
@@ -173,6 +173,7 @@ hcloud_firewall:
 from ansible.module_utils.basic import AnsibleModule
 from ansible.module_utils._text import to_native
 from ansible_collections.hetzner.hcloud.plugins.module_utils.hcloud import Hcloud
+import time
 
 try:
     from hcloud.firewalls.domain import FirewallRule
@@ -293,7 +294,19 @@ class AnsibleHcloudFirewall(Hcloud):
         self._get_firewall()
         if self.hcloud_firewall is not None:
             if not self.module.check_mode:
-                self.client.firewalls.delete(self.hcloud_firewall)
+                retry_count = 0
+                while retry_count < 10:
+                    try:
+                        self.client.firewalls.delete(self.hcloud_firewall)
+                        break
+                    except APIException as e:
+                        if "is still in use" in e.message:
+                            retry_count = retry_count + 1
+                            time.sleep(0.5 * retry_count)
+                        else:
+                            self.module.fail_json(msg=e.message)
+                    except Exception as e:
+                        self.module.fail_json(msg=e.message)
             self._mark_as_changed()
         self.hcloud_firewall = None