Can't delete Storage Account Private Endpoint due to resource lock
When you configure Backups on a Storage Account File Share, the automation creates a Delete Resource Lock on the SA. Microsoft public documentation for File Share Backup states that "Best Practice" is to NOT remove the resource lock (reference: https://docs.microsoft.com/en-us/azure/backup/backup-afs#best-practices)
However, this resource lock prevents deletion of a PE attached to the same SA. For a user to delete the PE, they first have to delete the lock, which goes against the best practice. This can add significant management overhead and diminishes the usability of Private Endpoint. Every time a Private Endpoint creator wants to delete their Private Endpoint, they need to contact the Storage Account owner to remove the resource lock.