Stack Overflow
Stack Overflow

Questions tagged [azure-resource-lock]

Azure subscriptions, resource groups, and resources can be protected from accidental deletions and modifications through the use of resource locks. This tag is for discussing the use, management and scope of resource locks.

Overview

Azure subscriptions, resource groups, and resources can be protected from accidental deletions and modifications through the use of resource locks.

You can set locks that prevent either deletions or modifications. In the portal, these locks are called Delete and Read-only. In the command line, these locks are called CanNotDelete and ReadOnly.

See also

20 questions
5
votes
1 answer

Managing Azure resource locks through Terraform

Through Terraform I am planning to manage Azure resource locks. My idea is to create a ReadOnly lock at the resource level. As per the Terraform documentation, below code can be used for that purpose. resource "azurerm_management_lock"…
Hound
  • 837
  • 17
  • 31
2
votes
3 answers

Selective Resource/Infra isolation on Azure. Possible?

Good day, folks! I have an Azure subscription and it has multiple resources created, like App Services, Databases, Key Vault, Storage, account, etc I want only a few people to see the full resources, for the rest of the team, I don't want all the…
Raw_Wish
  • 151
  • 1
  • 6
2
votes
1 answer

Preventing inheritance of delete lock on resource group

I would like to place a delete lock on an Azure resource group so that the resource group itself can't be deleted -- but there should not be restriction on deletion of any resources residing in the group. The problem is that if I place such a delete…
Dhiraj
  • 3,396
  • 4
  • 41
  • 80
2
votes
1 answer

How to lock all resources in an Azure Resource group using Python

I am using azure SDK python to lock all resources in a specific resource group. I am not able to find proper help/documentation for the same. There are no methods related to this in the azure-mgmt-resource package Can anyone suggest any?
uday kiran
  • 63
  • 5
2
votes
1 answer

Azure Policy: Delete lock on resource group

I try do use Azure Policy to check if all resource groups in my production subscription have a "CanNotDelete" lock. I built a policy inspired by this question, the result can be found below. While testing this, I found out that resource groups…
Alex AIT
  • 17,361
  • 3
  • 36
  • 73
2
votes
1 answer

How to apply Azure resource locks to Resource Groups via Policy

I'm trying to create an Azure policy which will deploy a resource lock with the level of 'CanNotDelete' to resource groups within a subscription. Currently the policy is 100% compliant but no locks have been created by the policy. I have the…
craig Rickett
  • 428
  • 1
  • 5
  • 17
2
votes
2 answers

How to lock all resources in an Azure resource group with a foreach script

I am trying to create a PowerShell script that will put a deletion lock on all Azure resources inside a specific resource group using: PS C:\> $PSVersionTable.PSVersion Major Minor Build Revision ----- ----- ----- -------- 5 1 14393…
Georgi Pohlupkov
  • 55
  • 7
2
votes
2 answers

Resource Group Lock using ARM Template

hi i am tried to lock a resource group in azure using ARM template but i am not able do so please help me if anyone already familiar.
Devendra Pal Singh
  • 43
  • 2
  • 7
1
vote
2 answers

How to stop a Storage Event Trigger of Azure Data Factory using Powershell when there is a Delete lock on the Resource group?

I want to stop a Storage Event Trigger that is on my data factory before I make modifications to the factory using ARM deployment/Azure DevOps. There is a Delete lock on my resource group which is causing the below error when I try to stop the…
Ajay Meda
  • 313
  • 1
  • 11
1
vote
1 answer

Lock azure resource with PowerShell

I've been trying to run a script to create a lock on azure resource to prevent resources being deleted inadvertently. I get an error message and I can't figure out why it's showing me this error message. Script: #Sign in to Azure…
Leanne Kami
  • 79
  • 1
  • 13
1
vote
1 answer

How to delete a resource lock in Azure using command line?

I have created a lock of type CanNotDelete on a storage account in Azure. The lock works; I cannot delete the storage account as long as the lock exists. I can get the name and ID of the lock by doing this: az lock list --resource-group…
Claus Appel
  • 1,015
  • 10
  • 28
0
votes
1 answer

List and manage Azure Resource Locks with Python SDK

I am trying to list and loop through Azure Resource Locks of a resource group by using Python SDK. from azure.mgmt.resource.locks.v2016_09_01.aio import ManagementLockClient management_lock_client = ManagementLockClient(credential,…
MoonHorse
  • 1,966
  • 2
  • 24
  • 46
0
votes
2 answers

How to lock storage accounts in Azure using Python SDK

I am using python SDK to lock a particular azure resource. Although I found documentation, I am getting exceptions as a resource not found while I am trying to lock the storage account. As I am trying to store accounts in a Resource Grp, I'm using…
sai siddhartha
  • 15
  • 5
0
votes
2 answers

Azure - prevent Subscription Owner from modifying specific Resource Group?

I'm exploring options for securing some Azure resources within a subscription from tampering, even by subscription owners. The intent is to standardize our subscriptions which are used by other teams for their engineering. We've considered giving…
STW
  • 44,917
  • 17
  • 105
  • 161
0
votes
1 answer

Can an owner remove a read-only or non-delete lock in Azure?

I have a doubt about Azure Resource Blocks. By adding a read-only or non-delete lock to a resource, when you hit delete it can not be deleted. So my question is, that lock can be removed by an owner? Is it possible to make it impossible to remove…
felix conde
  • 3
  • 1
1
2