Management Locks - Create Or Update By Scope

Create or update a management lock by scope.

PUT https://management.azure.com/{scope}/providers/Microsoft.Authorization/locks/{lockName}?api-version=2016-09-01

URI Parameters

Name In Required Type Description
lockName
path True

string

The name of lock.

scope
path True

string

The scope for the lock. When providing a scope for the assignment, use '/subscriptions/{subscriptionId}' for subscriptions, '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}' for resource groups, and '/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePathIfPresent}/{resourceType}/{resourceName}' for resources.

api-version
query True

string

The API version to use for the operation.

Request Body

Name Required Type Description
properties.level True

LockLevel

The level of the lock. Possible values are: NotSpecified, CanNotDelete, ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it.

properties.notes

string

Notes about the lock. Maximum of 512 characters.

properties.owners

ManagementLockOwner[]

The owners of the lock.

Responses

Name Type Description
200 OK

ManagementLockObject

OK

201 Created

ManagementLockObject

Created

Security

azure_auth

Azure Active Directory OAuth2 Flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation impersonate your user account

Examples

Create management lock at scope

Sample request

PUT https://management.azure.com/subscriptions/subscriptionId/providers/Microsoft.Authorization/locks/testlock?api-version=2016-09-01

{
  "properties": {
    "level": "ReadOnly"
  }
}

Sample response

{
  "properties": {
    "level": "ReadOnly"
  },
  "id": "/providers/Microsoft.Authorization/locks/testlock",
  "type": "Microsoft.Authorization/locks",
  "name": "testlock"
}
{
  "properties": {
    "level": "ReadOnly"
  },
  "id": "/providers/Microsoft.Authorization/locks/testlock",
  "type": "Microsoft.Authorization/locks",
  "name": "testlock"
}

Definitions

Name Description
LockLevel

The level of the lock. Possible values are: NotSpecified, CanNotDelete, ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it.

ManagementLockObject

The lock information.

ManagementLockOwner

Lock owner properties.

LockLevel

The level of the lock. Possible values are: NotSpecified, CanNotDelete, ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it.

Name Type Description
CanNotDelete

string

NotSpecified

string

ReadOnly

string

ManagementLockObject

The lock information.

Name Type Description
id

string

The resource ID of the lock.

name

string

The name of the lock.

properties.level

LockLevel

The level of the lock. Possible values are: NotSpecified, CanNotDelete, ReadOnly. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can't modify or delete it.

properties.notes

string

Notes about the lock. Maximum of 512 characters.

properties.owners

ManagementLockOwner[]

The owners of the lock.

type

string

The resource type of the lock - Microsoft.Authorization/locks.

ManagementLockOwner

Lock owner properties.

Name Type Description
applicationId

string

The application ID of the lock owner.