Azure Resource Manager locks are a way to prevent accidental deletion or modification of resources in your Azure account. Locks can be applied to a subscription, resource group, or individual resource. There are two types of locks: Read-only and Cannot Delete.
A ReadOnly lock prevents users from deleting or modifying a resource but permits reading the configuration.
A CannotDelete lock prevents users from deleting a resource but permits reading and modifying its configuration.
Businesses should use Azure Resource Manager locks to restrict operations on production Azure cloud resources where modifying or deleting a resource would have a significant negative impact. As an administrator, it may be necessary to lock important resources in order to prevent other users within your organization from mistakenly deleting or modifying them1.
To apply a lock, you can use the Azure portal, Azure PowerShell, Azure CLI, or Azure Resource Manager templates. Once a lock is applied, it can only be removed by someone with the appropriate permissions.
To apply a lock to a resource in Azure, you can use the Azure portal, Azure PowerShell, Azure CLI, or Azure Resource Manager templates. Here are the steps to apply a lock using the Azure portal:
- Navigate to the resource you want to lock in the Azure portal.
- Under the Settings section, select Locks.
- Select Add.
- Provide a name for the resource lock, and specify the type of lock (ReadOnly or CannotDelete).
Once you have applied a lock, it can only be removed by someone with the appropriate permissions.
For more information on Azure Resource Manager locks.