# Disable Locks

Azure [resource locks](https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources) protect important cloud resources from being changed or deleted.

There are two types of locks:

* **CanNotDelete**: Allows changes but prevents deletion
* **ReadOnly**: Allows viewing but blocks changes and deletion

If you have set up Azure resource locks, you should enable the **Disable Locks** setting when integrating Apono with Azure Subscriptions or Management Groups. The **Disable Locks** setting allows Apono to temporarily remove and later restore locks in order to complete grant or revoke operations on protected resources. To support this, the Apono connector must also be assigned the **Tag Contributo**r role at the appropriate scope, allowing it to add a tag marker to locked resources.

<figure><img src="/files/YN5oXCjgzYqs3wgYWNCo" alt="" width="563"><figcaption><p>Disable Locks setting</p></figcaption></figure>

When **Disable Locks** is enabled, Apono performs the following operations during access provisioning or revocation:

1. Checks the target resource and its parent scopes for existing locks.
2. Adds a tag marker to the resource, if a lock exists.
3. Removes the lock.
4. Grants or revokes access. *(Delete-locked resources cannot be granted access.)*
5. Reapplies the lock.

If the connector fails after removing a lock but before reapplying it, the tag ensures the lock will be restored upon connector restart.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.apono.io/docs/azure-environment/apono-connector-for-azure/disable-locks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.