Can you give some examples of what you cannot do when you apply a read-only lock on an Azure resource group?

Experience Level: Junior
Tags: Azure Cloud Azure Resource Manager

Answer

Read-only lock will prevent you from modifying any resources in the resource group.

Resource manager read-only locks usually apply only to operations that happen on the management plane. However, there are some exceptions to this - Read-only Locks can in some cases prevent access to the data plane, such example is Azure Storage.

As an example, for the resources in RG with read-only lock:

  • You can't start/stop/restart a virtual machine because these operations require POST
  • You can't create or delete a virtual machine
  • You can't upload a blob to a storage account
  • You can't list the keys in a storage account
  • Visual Studio Server Explorer is prevented from displaying files for App Service because the interaction requires write access

Also when you put a lock to a subscription:

  • Azure Advisor won't work because it is unable to store the results of its queries
Related Azure Cloud job interview questions
Azure Resource Manager
Azure Resource Manager

Are you learning Azure Cloud? Try our test we designed to help you progress faster.

Test yourself
AZ-104 Microsoft Azure Administrator Preparation
AZ-104 Microsoft Azure Administrator Preparation

Are you learning Azure Cloud? Try our test we designed to help you progress faster.

Test yourself