Hi, Attya
You can configure Resource Guard, on your Azure Recovery Vault; Resource Guard adds PIM (Privileged Identity Management) in front of Backup operations, such as Delete, etc. You can add approvals as well. Forcing MFA to occur, and if needed multiple users to approve any change.
You can also adjust the vault to be immutable. Making the vault immutable, will prevent anything from being deleted, before the Azure policy, and retention period for that backup expired. Keep in mind, this can cause unforeseen effects, like cost growout, etc, but you can lock the immutability to prevent any changes, even from a person with GA rights.