Secure your mission-critical environment and production workloads. Block your Azure services so nobody can delete them! If you are looking to stop people from deleting resources in your Azure tenant, I’ll show you how to do it using Azure Locks.
This is a must-use feature when creating missing critical services and in production environments. In today’s blog post, we’ll look at how to enable this configuration.
Azure Locks allow you to apply rules so nobody can delete or update any services. Configuration happens at the following levels:
- Subscription – in case you want to define an overall rule
- Resource Group – when you want to lock a specific Resource Group
- Service – when defining a lock for a specific service. For example, Azure Synapse Analytics, Azure Data Factory, etc.
There are other lock types that you can apply, like Read-Only.
- Block Deletion of Azure Services
- Update or Delete Lock Azure Rule
Block Deletion of Azure Services
To begin, the process is the same for the three levels mentioned above (Subscription, Resource Group or Service) First, you need to find the “lock” option.
Then, add a lock rule.
Once you save the lock, it will become available on the list.
Groups and services will inherit these rules.
Resource Group inherited lock example:
Service level inherited lock example:
Update or Delete Lock Azure Rule
Next, if you want to update or delete lock rules in Azure, you can do this on the same screen.
In summary, you’ve learned how to enhance security within your Azure tenant by using this feature. It’s important to implement these rules within any mission-critical services and production environments.
In upcoming blog posts, we’ll continue to explore other Azure Data Service features.
Please follow Tech Talk Corner on Twitter for blog updates, virtual presentations, and more!