Resource Locks in Azure are designed to help prevent accidental deletion or modification of critical resources. This feature ensures that users don’t mistakenly modify or remove essential components. Azure offers two types of resource locks:
- CanNotDelete: Authorized users can read and modify the resource, but cannot delete it.
- ReadOnly: Authorized users can read the resource, but cannot delete or modify it.
You can apply these locks at the Resource Group (RG) or the Subscription (Subs) level. Once applied, all resources within that group or subscription will inherit the lock, ensuring consistent protection across related resources.
Image Credit: Microsoft Learn
MOVING RESOURCES ACROSS RESOURCE GROUPS (RG) & SUBSCRIPTIONS
Azure enables flexibility by allowing resources to be moved from one RG to another without changing the resource’s physical location. Here's what to keep in mind:
- Resource Groups: When a resource is moved to a new RG, its location remains the same.
- Subscriptions: Resources can also be moved across different subscriptions.
- Dependent Resources: All dependent resources (e.g., a web app and its database) must move together to maintain functionality.
AZURE POLICY SERVICE
The Azure Policy Service plays a vital role in enforcing organizational standards and ensuring access compliance at scale. It helps your organization maintain governance and control over your resources through structured policies.
Key components of Azure Policy include:
- Policy Object: A framework to define rules and conditions for resource management.
- Policy Definition: Specifies a set of conditions that must be met for a resource to comply.
- Initiative Definition: A collection of policy definitions aimed at achieving a larger, unified goal (e.g., ensuring all resources adhere to security standards).
- Assignments: Once defined, a policy or initiative is assigned to a specific scope (e.g., a resource group or subscription) to enforce compliance.
COST MANAGEMENT
Cost management in Azure helps organizations stay on top of their cloud spending and optimize usage. Key components include:
- Budget: Set spending limits and track your costs to avoid overspending.
- Alert: Get notifications when spending approaches or exceeds the set budget.
- Cost Analysis: Analyze how and where costs are incurred to manage better and optimize resources.
- Advisor: Provides recommendations for reducing costs and improving efficiency.