Can you give some examples of what you cannot do when you apply a read-only lock on an Azure resource group?
Read-only lock will prevent you from modifying any resources in the resource group.
Resource manager read-only locks usually apply only to operations that happen on the management plane. However, there are some exceptions to this - Read-only Locks can in some cases prevent access to the data plane, such example is Azure Storage.
As an example, for the resources in RG with read-only lock:
- You can't start/stop/restart a virtual machine because these operations require POST
- You can't create or delete a virtual machine
- You can't upload a blob to a storage account
- You can't list the keys in a storage account
- Visual Studio Server Explorer is prevented from displaying files for App Service because the interaction requires write access
Also when you put a lock to a subscription:
- Azure Advisor won't work because it is unable to store the results of its queries
Related Azure Cloud job interview questions
Azure Active Directory Azure Cloud Junior
If you use Azure Policy to add tags to resources in a resource group, how are existing and newly created resources affected?Azure Cloud Azure Policy Junior
Azure Cloud Azure DNS Junior
Using Azure, how can you generate a report with costs for each department when each department has its dedicated resources stored in multiple resource groups that are shared across departments?Azure Cloud Junior
Azure Cloud Azure Virtual Machines Junior