Differences

This shows you the differences between two versions of the page.

--- azure:resource_locks [2024/10/03 13:04] – [☝️ Note] mmuze
+++ azure:resource_locks [2024/10/03 14:27] (current) – [Resource Locks] mmuze
@@ Line 4: / Line 4: @@
   * [[https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources?tabs=json#considerations-before-applying-your-locks|Resource Lock Considerations]]
       * A read-only lock on a resource group prevents you from moving existing resources in or out of the resource group. But note that a resource (not a resource group) with read-only lock can be moved to another resource group.
+  * If you have a Delete lock on a resource and attempt to delete its resource group, the feature blocks the whole delete operation. Even if the resource group or other resources in the resource group are unlocked, the deletion doesn't happen. You never have a partial deletion.
 <callout type="info">
@@ Line 17: / Line 18: @@
 ====== Permissions to Create and Delete ======
-> To create or delete management locks, you need access to
 > To create or delete management locks, you need access to ''%%Microsoft.Authorization/*%%'' or ''%%Microsoft.Authorization/locks/*%%'' actions. Users assigned to the **Owner** and the **User Access Administrator** roles have the required access. Some specialized built-in roles also grant this access. You can create a custom role with the required permissions.