Note: This question is part of a series of questions that present the same scenario. Each question in the series
contains a unique solution that might meet the stated goals. Some question sets might have more than one
correct solution, while others might not have a correct solution.
After you answer a question in this sections, you will NOT be able to return to it. As a result, these questions will
not appear in the review screen.
You use Azure Resource Manager (ARM) templates to deploy resources.
You need to ensure that storage resources defined in templates cannot be deleted.
Solution: You define the following JSON in the template.
Does the solution meet the goal?
A.
Yes
B.
No
Explanation:
As an administrator, you may need to lock a subscription, resource group, or resource to prevent other users in
your organization from accidentally deleting or modifying critical resources. You can set the lock level to
CanNotDelete or ReadOnly.
CanNotDelete means authorized users can still read and modify a resource, but they can’t delete the resource.
ReadOnly means authorized users can read a resource, but they can’t delete or update the resource. Applying
this lock is similar to restricting all authorized users to the permissions granted by the Reader role.References: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-lock-resources