Resource Group Locks

Resource group locks are used to prevent accidental deletion or changes to resources in resource groups. There are two types of locks CanNotDelete and ReadOnly. Locks on a resource group will inherit down to the resource within the group.

For example, if you apply the CanNotDelete lock to a resource group you cannot delete any resources within that group without first removing the lock

Adding and removing a Lock via the portal

Navigate to the resource group select Locks and enter the required details.

  • Lock name – a descriptive name you you,
  • Lock type – either by Read-only or Delete.
  • Notes – an optional area to add addition details above the lock, an internal reference number maybe

If you need to delete or change a resource at a later date and the lock prevents you you will need to come back into the locks section and delete the lock.

Using PowerShell to list the Locks in place on a resource group


Using PowerShell to add a Lock


Using PowerShell to remove a Lock


Using AzureCLI to add a Lock


Author: Phil Eddies

I am an IT Operations Manager, managing all aspects of the IT infrastructure and service for a mid sized UK based company. I have been working full time in IT since 2001 in 1st to 3rd line and System Administration roles. MCSA, MCSE, CCNA, Citrix CCA