pulumi-azure-native-kotlin/com.pulumi.azurenative.resources.kotlin.inputs/DenySettingsArgs

DenySettingsArgs

data class DenySettingsArgs(val applyToChildScopes: Output<Boolean>? = null, val excludedActions: Output<List<String>>? = null, val excludedPrincipals: Output<List<String>>? = null, val mode: Output<Either<String, DenySettingsMode>>) : ConvertibleToJava<DenySettingsArgs>

Defines how resources deployed by the Deployment stack are locked.

Constructors

Link copied to clipboard
constructor(applyToChildScopes: Output<Boolean>? = null, excludedActions: Output<List<String>>? = null, excludedPrincipals: Output<List<String>>? = null, mode: Output<Either<String, DenySettingsMode>>)

Properties

Link copied to clipboard
val applyToChildScopes: Output<Boolean>? = null

DenySettings will be applied to child resource scopes of every managed resource with a deny assignment.

Link copied to clipboard
val excludedActions: Output<List<String>>? = null

List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted. If the denySetting mode is set to 'denyWriteAndDelete', then the following actions are automatically appended to 'excludedActions': '*\/read' and 'Microsoft.Authorization/locks/delete'. If the denySetting mode is set to 'denyDelete', then the following actions are automatically appended to 'excludedActions': 'Microsoft.Authorization/locks/delete'. Duplicate actions will be removed.

Link copied to clipboard
val excludedPrincipals: Output<List<String>>? = null

List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.

Link copied to clipboard
val mode: Output<Either<String, DenySettingsMode>>

denySettings Mode that defines denied actions.

Functions

Link copied to clipboard
open override fun toJava(): DenySettingsArgs