Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
When you deploy resources to Azure, the deployment details are recorded in the deployment history at the scope where the deployment occurs. Each scope—whether it's a resource group, subscription, management group, tenant—can store up to 800 deployments in its history. Once this limit is reached, Azure automatically deletes the oldest deployments to make space for new ones. This automatic cleanup process was implemented on August 6, 2020.
Note
Deleting a deployment from the history doesn't affect any of the resources that were deployed.
Overview of automatic deployment history deletions
Deployments are deleted from your history when you exceed 700 deployments. Azure Resource Manager deletes deployments until the history is down to 600. The oldest deployments are always deleted first.
Important
If your scope is already at the 800 limit, your next deployment fails with an error. The automatic deletion process starts immediately. You can try your deployment again after a short wait.
In addition to deployments, you also trigger deletions when you run the what-if operation or validate a deployment.
When you give a deployment the same name as one in the history, you reset its place in the history. The deployment moves to the most recent place in the history. You also reset a deployment's place when you roll back to that deployment after an error.
Permissions required for automatic deletions
The deletions are requested under the identity of the user who deployed the template. To delete deployments, the user must have access to the Microsoft.Resources/deployments/delete action. If the user doesn't have the required permissions, deployments aren't deleted from the history.
If the current user doesn't have the required permissions, automatic deletion is attempted again during the next deployment.
Handling resource locks
If you have a CanNotDelete lock on a resource group or a subscription, the deployments for that scope can't be automatically deleted. To enable automatic cleanup of the deployment history, you need to remove the lock.
To delete a resource group lock, run the following commands:
$lockId = (Get-AzResourceLock -ResourceGroupName lockedRG).LockId
Remove-AzResourceLock -LockId $lockId
To delete a resource group lock, run the following commands:
Opting out of automatic deletions
You can opt out of automatic deletion to manually manage your deployment history. Use this option cautiously, as the 800-deployment limit remains enforced, and exceeding it causes deployment failures.
Important
Opting out is available only for subscription scopes, as it's controlled by the subscription-level Microsoft.Resources/DisableDeploymentGrooming
feature flag. You can't opt out for only a particular resource group. For tenant or management group scopes, open a support ticket to disable automatic deletion.
To disable automatic deletion at the subscription scope (affects all resource groups within it):
For PowerShell, use Register-AzProviderFeature.
Register-AzProviderFeature -ProviderNamespace Microsoft.Resources -FeatureName DisableDeploymentGrooming
To see the current status of your subscription, use:
Get-AzProviderFeature -ProviderNamespace Microsoft.Resources -FeatureName DisableDeploymentGrooming
To reenable automatic deletions, use Azure REST API or Azure CLI.
Next steps
- To learn about viewing the deployment history, see View deployment history with Azure Resource Manager.