e-BooksSubscribeContact

Lock Azure Resources to Prevent Modification or Deletion

By Reynard from AzureGuru
Published in AZ-900 Training
December 03, 2020
1 min read
*This article could be a summary of content for learning purposes. For more information and knowledge, read the original articles in the References section.

Lock resources in Azure to prevent unexpected changes!

As an administrator, you may need to lock a subscription, resource group, or resource to prevent other users in your organization from accidentally deleting or modifying critical resources. You can set the lock level to CanNotDelete or ReadOnly. In the portal, the locks are called Delete and Read-only respectively.

  • CanNotDelete means authorized users can still read and modify a resource, but they can’t delete the resource.
  • ReadOnly means authorized users can read a resource, but they can’t delete or update the resource. Applying this lock is similar to restricting all authorized users to the permissions granted by the Reader role.

When you apply a lock at a parent scope, all resources within that scope inherit the same lock. Even resources you add later inherit the lock from the parent. The most restrictive lock in the inheritance takes precedence.

References:

  • How to Lock Azure Resources to Prevent Modification or Deletion
  • Lock resources

Tags

AZ-900Governance
Ko-Fi buttonBuy us a coffe

Related Posts

AZ-900 Training
What are service-level agreements (SLAs)?
Community Editorial
January 17, 2021
1 min
© 2021, All Rights Reserved.

Quick Links

Advertise with usAbout UsContact Us

Legal Stuff

Privacy PolicyCookie PolicyTerms Of Use

Social Media

githubtwitterinstagram