Exam AZ-900 topic 1 question 72 discussion

You can assign a policy to any scope that you have access to, such as a management group, subscription, or resource group. However, you cannot assign a policy directly to an individual resource. You can assign a lock on every Azure resource that you have access to. You can apply a lock at different levels of scope: subscription, resource group, or individual resource. So, the right answer is "Lock"!

Its Policy just because the term “assign” might not be the best fit for lock. Lock is applied not assigned

The answer should be Policy instead of Lock, These locks apply to all users and roles, but do not apply to all resources. but Policy could be applied to all resources

assign -> policy

Policy it is. "Once your business rules have been formed, the policy definition or initiative is assigned to any scope of resources that Azure supports, such as management groups, subscriptions, resource groups, or individual resources." https://learn.microsoft.com/en-us/azure/governance/policy/overview F*ck those who say not applicable to individual resources

why is not policy?

https://learn.microsoft.com/en-us/azure/governance/policy/overview Once your business rules have been formed, the policy definition or initiative is assigned to any scope of resources that Azure supports, such as management groups, subscriptions, resource groups, or individual resources https://learn.microsoft.com/en-us/azure/azure-resource-manager/management/lock-resources?tabs=json As an administrator, you can lock an Azure subscription, resource group, or resource to protect them from accidental user deletions and modifications. The lock overrides any user permissions. Seems both Lock and Policy are right answers

Policy https://learn.microsoft.com/en-us/answers/questions/1086208/assign-policy-to-specific-resource-in-azure

Lock is correct answer - confirmed from ChatGPT

Azure Policies can be set at each level, enabling you to set policies on a specific resource, resource group, subscription, and so on. reference: https://learn.microsoft.com/en-us/training/modules/describe-features-tools-azure-for-governance-compliance/3-describe-purpose-of-azure-policy Resource locks can be applied to individual resources, resource groups, or even an entire subscription. reference:https://learn.microsoft.com/en-us/training/modules/describe-features-tools-azure-for-governance-compliance/4-describe-purpose-of-resource-locks both policy and resource lock can be applied to individual resource. either this question is a multiple choice or I would say policy. why not the lock? because it is just lock and not precised enough as "resource lock"

This comment thread seems to be fairly new... There doesn't seem to be any Microsoft resource online that suggests that either POLICIES or LOCKS cannot be applied to every resource. This may have originally been a multi-choice question. So, LOCK and POLICY are both correct...? Unless I'm proven wrong - provide a source.

ANSWER : POLICY ! DONE GO TO NEXT QST

I think "Lock" is more like to be the answer. because I think some types of resource is not able to assign "Policy". but I am not so sure.

"Lock" seems to be correct here, from what I can tell "To view, add, or delete locks in the Azure portal, go to the Settings section of any resource's Settings pane in the Azure portal." Sauce: https://learn.microsoft.com/en-us/training/modules/describe-features-tools-azure-for-governance-compliance/4-describe-purpose-of-resource-locks

"Policy" The correct answer is "Azure Policy". Azure Policies can be assigned to every resource in Azure to enforce rules and effects, helping you prevent IT issues. Other options like Azure Locks, Azure Blueprints, and Azure Service Endpoints have certain limitations or specific use cases and cannot be assigned to absolutely every resource in Azure.

Como administrador, puede bloquear una suscripción, un grupo de recursos o un recurso de Azure para protegerlos de eliminaciones y modificaciones accidentales del usuario