✎ Co-Author — Amit Damle
❑ Overview
In part1 of the story, we looked at how to use “CanNotDelete” lock in Azure to prevent accidental or malicious deletion of our most important resources, but there could be scenarios where owner accidently removes an already applied lock. In this story, I will cover how to configure alerts to notify operations team that the lock is removed.
❑ Configure alerts
This can be achieved in 3 simple steps -
➀ Configure Alert Rule for the resource
➁ Create Action group for notification
➂ Test the configuration
✒ Following are the detailed steps -
➀ Configure Alert Rule for the resource
➊ Select the Resource Group wherein deletion of lock needs to be monitored. Select “Alerts” & create a “New alert rules”
➋ Check the scope, click “Add condition” & type lock in search to select “Delete management locks (Microsoft Authorization/locks)
➁ Create Action Group for notification
➌ Click “Add action groups” & “Create action group”
➍ Enter “Action group name” & “Display name” & click “Next: Notifications”. Action group is a collection of notification preferences defined by the owner of an Azure subscription.
➎ Enter “Notification name” & “Email” to provide notification. Once done click on “Review + create”. Please note — In your case this could be an email group as well.
➏ Enter “Alert rule name”, “Description” & select “Enable alert rule upon creation”
Note — Please wait for few minutes for changes to be shown. Also wait for below notification
➂ Test the configuration
➐ Now lets remove/delete the lock & check if we are getting notification. Go to Resource group & click on “Locks” & select “Delete”
Below notification email is received
We have learnt how to setup alerts if the locks are removed. We can also setup actions to lock the resource again if it is unlocked. This statergy depends on the organization policy.
I hope this blog helped you in learning how to configure alerts to notify operations team that the lock is removed. Happy Learning!!!
Please Note — All opinions expressed here are my personal views and not of my employer.
Thought of the moment-
“The beautiful thing about learning is that nobody can take it away from you.” — B.B. King
