pulumi-azure-native-kotlin/com.pulumi.azurenative.resources.kotlin.outputs/DenySettingsResponse

DenySettingsResponse

data class DenySettingsResponse(val applyToChildScopes: Boolean? = null, val excludedActions: List<String>? = null, val excludedPrincipals: List<String>? = null, val mode: String)

Defines how resources deployed by the Deployment stack are locked.

Constructors

Link copied to clipboard
constructor(applyToChildScopes: Boolean? = null, excludedActions: List<String>? = null, excludedPrincipals: List<String>? = null, mode: String)

Types

Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val applyToChildScopes: Boolean? = null

DenySettings will be applied to child resource scopes of every managed resource with a deny assignment.

Link copied to clipboard
val excludedActions: List<String>? = null

List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted. If the denySetting mode is set to 'denyWriteAndDelete', then the following actions are automatically appended to 'excludedActions': '*\/read' and 'Microsoft.Authorization/locks/delete'. If the denySetting mode is set to 'denyDelete', then the following actions are automatically appended to 'excludedActions': 'Microsoft.Authorization/locks/delete'. Duplicate actions will be removed.

Link copied to clipboard
val excludedPrincipals: List<String>? = null

List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.

Link copied to clipboard
val mode: String

denySettings Mode that defines denied actions.