pulumi-azure-native-kotlin/com.pulumi.azurenative.resources.kotlin.inputs/DenySettingsArgs

DenySettingsArgs

data class DenySettingsArgs(val applyToChildScopes: Output<Boolean>? = null, val excludedActions: Output<List<String>>? = null, val excludedPrincipals: Output<List<String>>? = null, val mode: Output<Either<String, DenySettingsMode>>) : ConvertibleToJava<DenySettingsArgs>

/* Defines how resources deployed by the deployment stack are locked.

Constructors

DenySettingsArgs

fun DenySettingsArgs(applyToChildScopes: Output<Boolean>? = null, excludedActions: Output<List<String>>? = null, excludedPrincipals: Output<List<String>>? = null, mode: Output<Either<String, DenySettingsMode>>)

Functions

toJava

open override fun toJava(): DenySettingsArgs

Properties

applyToChildScopes

val applyToChildScopes: Output<Boolean>? = null

DenySettings will be applied to child scopes.

excludedActions

val excludedActions: Output<List<String>>? = null

List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted. If the denySetting mode is set to 'denyWriteAndDelete', then the following actions are automatically appended to 'excludedActions': '*/read' and 'Microsoft.Authorization/locks/delete'. If the denySetting mode is set to 'denyDelete', then the following actions are automatically appended to 'excludedActions': 'Microsoft.Authorization/locks/delete'. Duplicate actions will be removed.

excludedPrincipals

val excludedPrincipals: Output<List<String>>? = null

List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.

mode

val mode: Output<Either<String, DenySettingsMode>>

denySettings Mode.