To delete resource groups created from my personal account - facing deny error

The deny error is caused by a deny assignment or blueprint-style lock on the resource group, not by classic resource locks. As long as that deny assignment exists, delete operations on the resource group and its resources are blocked, even if there are no visible locks.

For Azure Databricks–related resource groups, these deny assignments are typically created and managed by the platform (for example, via blueprints or governance policies). They must be removed or changed at the policy/assignment level by an account or subscription administrator; they cannot be bypassed from within the resource group itself.

Key points based on the provided information:

1. Deleting a resource group
   • Normal deletion is done with:
     • Azure CLI: az group delete --name <resourceGroupName>
     • PowerShell: Remove-AzResourceGroup -Name "<resourceGroupName>"
   • When a deny assignment is in place (for example, from a blueprint lock in Read Only mode), delete operations on the resource group fail until that deny assignment is removed or updated.
2. Deny assignments vs. locks
   • Classic locks (CanNotDelete / ReadOnly) are managed with New-AzResourceLock, Get-AzResourceLock, and Remove-AzResourceLock and are visible under Locks on the resource group.
   • Blueprint/governance-based locks use deny assignments. These appear under Access control (IAM) → Deny assignments on the resource group. When a deny assignment blocks * actions (except */read), delete operations are denied.
   • In the blueprint example, the deny assignment is what prevents deletion of the resource group until the blueprint assignment is changed or removed.
3. What is required to delete these Databricks resource groups
   • An owner or administrator at the subscription/tenant level must:
     • Identify the blueprint/policy or Databricks governance configuration that created the deny assignment.
     • Remove or modify that assignment so that delete operations are no longer denied.
   • After the deny assignment is removed, the resource group can be deleted using the standard commands above or via the portal.
4. Creating new resource groups
   • New resource groups can be created at any time, regardless of whether the old ones are still present, as long as subscription limits are not exceeded:
     • Azure CLI: az group create --name MyResourceGroup --location <region>
   • However, if the same blueprint, policy, or Databricks governance configuration is still applied, new resource groups may receive similar deny assignments and behave the same way.
5. Databricks group removal note
   • Removing groups from an Azure Databricks account has separate implications (loss of workspace access, job failures, etc.) and does not by itself remove Azure Resource Manager deny assignments on resource groups. Those must still be handled at the Azure RBAC/blueprint/policy level.

In summary: yes, new resource groups can be created, but to delete the existing Databricks-related resource groups, the deny assignment (likely from a blueprint or governance configuration) must be removed or updated by an appropriate administrator; standard delete commands will continue to fail until that is done.

References:

• Manage Azure resource groups by using Azure PowerShell
• Azure Resource Manager resource group and resource deletion
• Manage Azure resource groups by using Azure CLI
• How to manage Azure resource groups with the Azure CLI
• Tutorial: Protect new resources with Azure Blueprints resource locks
• Manage groups
• Use the Azure portal and Azure Resource Manager to manage resource groups