Can you give some examples of what you cannot do when you apply a read-only lock on an Azure resource group?
Experience Level:
Junior
Tags:
Azure Cloud
Azure Resource Manager
Answer
Read-only lock will prevent you from modifying any resources in the resource group.
Resource manager read-only locks usually apply only to operations that happen on the management plane. However, there are some exceptions to this - Read-only Locks can in some cases prevent access to the data plane, such example is Azure Storage.
As an example, for the resources in RG with read-only lock:
- You can't start/stop/restart a virtual machine because these operations require POST
- You can't create or delete a virtual machine
- You can't upload a blob to a storage account
- You can't list the keys in a storage account
- Visual Studio Server Explorer is prevented from displaying files for App Service because the interaction requires write access
Also when you put a lock to a subscription:
- Azure Advisor won't work because it is unable to store the results of its queries
Related Azure Cloud job interview questions
-
How do you allow some users of Azure Active Directory to use Azure AD Premium P2 licenses?
Azure Active Directory Azure Cloud Junior -
If you use Azure Policy to add tags to resources in a resource group, how are existing and newly created resources affected?
Azure Cloud Azure Policy Junior -
How do you migrate DNS from on-premises server to Azure DNS?
Azure Cloud Azure DNS Junior -
Using Azure, how can you generate a report with costs for each department when each department has its dedicated resources stored in multiple resource groups that are shared across departments?
Azure Cloud Junior -
What are the requirements for disks and VM that is to be moved from on-premises to Azure?
Azure Cloud Azure Virtual Machines Junior
