Skip to content

hmcts/azure-resource-locks

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

105 Commits
.github
.github
 
 
pipelines
pipelines
 
 
scripts
scripts
 
 
README.md
README.md
 
 
renovate.json
renovate.json
 
 

Repository files navigation

Azure-Resource-Locks

For maintaining Azure resource lock configuration and automation

These are used to protect from automation gone wrong against resources that have persistent data that we really don't want accidentally deleted.

Resource types

Currently the resource locks are applied to resource groups which have the following resource types:

  • Storage
  • Key Vault
  • SQL Databases
  • APP Insights
  • Static IPs
  • Azure Firewall
  • SaaS Resources
  • Virtual Wan
  • CosmosDB
  • Frontdoor
  • App Gateways
  • Private DNS Zones

The list could be extended by adding || contains(type, '<<resource type>>')) to the JSONPATH in the enable-resource-locking.sh

Pipeline jobs

  • Enable-resource-locks

    Scheduled to run every 3 hours for the environments below

    • CNP-DEV
    • CNP-Prod
    • SDS-STG
    • SDS-PROD
    • HUB-PROD
    • HUB-NONPROD
    • DCD-CFT-PROD
    • REFORM-CFT-MGMT

  • Disable-resource-locks

    • Select the subscription and resource group(s) to run against from the job parameters

Exempt from autolocking

To avoid your resources from being auto locked, you can use the exemptFromAutoLock tag on the resource group:

exemptFromAutoLock = true

About

For maintaining azure resource lock configuration and automation

Resources

Readme

Contributing

Contributing
Activity
Custom properties

Stars

0 stars

Watchers

42 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages