All resources must be in a resource group and a resource can only be a member of a single resource group.
If you delete a resource group, all resources container within are also deleted.
Resource groups are a scope for applying RBAC to limit access to allow only what is needed
A resource can have up to 50 tags
Tags can be used to group billing data or to keep track of usage for different projects
Not all resources support tags, so you need to check if your resource supports them
Resource locks can be either:
Delete - Allow all operations against the resource but block the ability to delete it
Read-only - Only allow read activities to be performed against it, blocking any modification or deletion of the resource