e-BooksSubscribeContact

Lock Azure Resources to Prevent Modification or Deletion

By Reynard from AzureGuru
Published in AZ-900 Training
December 03, 2020
1 min read

Lock resources in Azure to prevent unexpected changes!

As an administrator, you may need to lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. You can set the lock level to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only respectively.

  • CanNotDelete means authorized users can still read and modify a resource, but they can’t delete the resource.
  • ReadOnly means authorized users can read a resource, but they can’t delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

When you apply a lock at a parent scope, all resources within that scope inherit the same lock. Even resources you add later inherit the lock from the parent. The most restrictive lock in the inheritance takes precedence.

References:

  • How to Lock Azure Resources to Prevent Modification or Deletion
  • Lock resources

Tags

AZ-900Governance

Related Posts

What is the service lifecycle?
January 17, 2021
1 min
© 2021, All Rights Reserved.

Quick Links

Advertise with usAbout UsContact Us

Social Media