1 share, 1 point
(Last Updated On: July 23, 2018)

In this blog we will discuss about how to protect azure resources from accidental deletion or changes. Using Azure locks feature, we can restrict users from making any changes to specific azure resources or all resources within a resource group.

Currently there are two azure locks levels available:

  • Delete
  • Read Only

Delete helps to prevent users from deleting the azure resource however user can still make changes to the azure resource. While read only will allow users to read azure resource and prevent from making any changes to azure resources.

Who can configure Azure Locks at Azure Resource:

Resource Owner and User access administrators have privilege to configure Azure lock at azure resources.

How to Set Azure Locks at Azure Resource: 

In this example, we will restrict users from deleting Azure recovery vault created for Azure Backup.

  • Navigate to Azure resource or Resource group and go to settings, Select Locks


  • Click at Add to create lock. Provide Lock name, Lock Type and Notes and click OK

  • This Azure resource is now locked down from deletion.

Az-BackupSVault - Locks p Search [C Overview Activity log Access control (IAM) Tags Diagnose and solve problems SETTINGS Properties Resource group Subscription LOCK NAME Prevent Deletion LOCK TYPE Delete This resource Prevent Admins from Deleting Azure Recovery Vault


Let’s see what happens if user tries to delete Azure Resource which is locked from deletion:

  • In this example I am trying to delete a resource group that has a resource locked down from deletion.              


  • As you can see, we couldn’t delete this Resource group due to locked configured at the child resource.
  • Here you can see one of the child resource is configured with Lock type Delete under this resource group.

For more details please refer https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources


Like it? Share with your friends!

1 share, 1 point
Hasnain Shaikh
An IT Professional with 14 years of experience across various infrastructure technologies with expertise in Enterprise technology architecture, Solution Designing, Technology service roadmap, Consulting, and Pre & post-sales deployment. Love to learn new technologies and share my knowledge with tech community members. Hasnain Shaikh | LinkedIn Hasnain Shaikh - Speaker Profile @ Sessionize.com


Leave a Reply

Send this to a friend