Hello Folks!
In this blog post we will be talking about locking down your Azure Resources with Azure Resource Manager. This tutorial might come handy to you when you want your resources to be safe from getting accidentally deleted. You can lock almost any type of resource using this method be it Virtual Machines, Web Apps, NICs, Resource Groups, etc. When locked, authorized users can still read and modify the resources, but they can’t delete the resources.
Pre-Requirements
I will assume you have the following pre-requirements completed:
- An Azure Subscription
- A VM created using Resource Manager in a Resource Group.
- Make sure you are either the owner of the Azure Subscription or you are the User Administrator.
- You have the Latest Azure PowerShell installed.
So let’s start.
Step 1: Login to your Azure Subscription
Open Azure PowerShell and login with your credentials.
Step 2: Find Your Resource Type
In this step we are trying to find the resource type of our particular resource. For this, run this cmdlet and find the parameter resource type in the output. As the parameter for the ‘–ResourceNameContains’ you can replace with the name of your own resource. In this example, it’s a VM with the name WinServerVM.
Copy down the value for resource type. In this case it is:
Microsoft.Compute/virtualMachines
Paste down this value in the ‘-ResourceType’ parameter in the next step.
Step 3: Locking Down Your Resource
Run this cmdlet and replace the value of –ResourceType with the value of ResourceType parameter you obtained in the Previous Step.
New-AzureRmResourceLock -LockLevel CanNotDelete –LockName LockRmVM -ResourceGroupName CloudySingh-RG -ResourceName WinServerVM –ResourceType Microsoft.Compute/virtualMachines
Output:
Your resource is successfully locked. Let us try to delete this resource (VM here).
You will receive this error.
Step 4: Unlocking Your Resource
You can unlock your resource anytime using this cmdlet.
Remove-AzureRmResourceLock -LockName LockRmVM -ResourceGroupName CloudySingh-RG -ResourceName WinServerVM -ResourceType Microsoft.Compute/virtualMachines
Locking Your Resource Groups
You can also lock the whole Resource Group using this cmdlet.
New-AzureRmResourceLock -LockLevel CanNotDelete -LockName LockRG -ResourceGroupName CloudySingh-RG
—————————————————————————————————————————————————————————————————————-
So, thank you friends. If you have any queries feel free to ask in the comments. You can also follow me on twitter @SinghCloudy.
For all latest blogs and news please follow @ecanarys
Thanks & Regards
Karanmeet Singh
——————————-X————————————-X——————————————-X——————————X————————————–X——————————–