Add/Remove Azure Resource Locks with Powershell
Resource locks are a powerful mechanism to protect your resources from unauthorized operations. For example, you can lock your storage account to prevent files and directories are deleted. Or you can lock you Data Factory resource so pipelines cannot be deleted manually. The lock policy might differ per environment; in a development environment you might want to give your developers more freedom than in a controlled production environment. In addition, you would want to control who is allowed to remove/add locks (eg personal vs. non-personal accounts).
It is advisable to clearly define your “lock strategy” on resource group as well as resource level, to benefit from this feature from the moment you provision resources.
You can add and remove locks with Powershell.
Remove lock by lock name:
Remove-AzResourceLock -LockName '{}' -ResourceName '{}' -ResourceGroupName '{}' -ResourceType '{}' -Force
Remove lock by lock id:
Remove-AzResourceLock -LockId '{}' -Force
Don’t know your lock id? Fetch all lock ids with:
Get-AzResourceLock -ResourceGroupName '{}' -ResourceType '{}'-ResourceName '{}'
Add lock, example CanNotDelete:
New-AzResourceLock -LockName '{}' -ResourceName '{}' -ResourceGroupName '{}' -ResourceType '{}' -LockLevel "CanNotDelete" -Force
Azure Tutorials frequently publishes tutorials, best practices, insights or updates about Azure Services, to contribute to the Azure Community. Azure Tutorials is driven by two enthusiastic Azure Cloud Engineers, combining over 15 years of IT experience in several domains. Stay tuned for weekly blog updates and follow us if you are interested!
https://www.linkedin.com/company/azure-tutorials