Undeletable Data

Occasional Contributor

Hello,

We have been doing some risk assessment for our company and we would like to utilize Azure to store backups that cannot be deleted by admins, but only by expiring.

 

I have investigated Azure Management Locks, but the admins have the power to remove the locks and then delete the data within it. Is there any service within Azure that I can upload backups and ensure that even the admins - say only a member of management, can delete the backups? Maybe even auto-delete after a set time?

1 Reply
Hi,

I guess the right solution for you is deny assignments.
But keep in mind, you can only configure that service (at the moment) via Azure Blueprint.

https://docs.microsoft.com/en-us/azure/role-based-access-control/deny-assignments-portal

regards,
Hannes