Package com.azure.resourcemanager.resources.models

Class DenySettings

java.lang.Object
com.azure.resourcemanager.resources.models.DenySettings
public final class DenySettings extends Object
Defines how resources deployed by the Deployment stack are locked.

  • Constructor Details

    • DenySettings

      public DenySettings()
      Creates an instance of DenySettings class.

  • Method Details

    • mode

      public DenySettingsMode mode()
      Get the mode property: denySettings Mode that defines denied actions.
      Returns:
      the mode value.

    • withMode

      public DenySettings withMode(DenySettingsMode mode)
      Set the mode property: denySettings Mode that defines denied actions.
      Parameters:
      mode - the mode value to set.
      Returns:
      the DenySettings object itself.

    • excludedPrincipals

      public List<String> excludedPrincipals()
      Get the excludedPrincipals property: List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.
      Returns:
      the excludedPrincipals value.

    • withExcludedPrincipals

      public DenySettings withExcludedPrincipals(List<String> excludedPrincipals)
      Set the excludedPrincipals property: List of AAD principal IDs excluded from the lock. Up to 5 principals are permitted.
      Parameters:
      excludedPrincipals - the excludedPrincipals value to set.
      Returns:
      the DenySettings object itself.

    • excludedActions

      public List<String> excludedActions()
      Get the excludedActions property: List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted. If the denySetting mode is set to 'denyWriteAndDelete', then the following actions are automatically appended to 'excludedActions': '*\/read' and 'Microsoft.Authorization/locks/delete'. If the denySetting mode is set to 'denyDelete', then the following actions are automatically appended to 'excludedActions': 'Microsoft.Authorization/locks/delete'. Duplicate actions will be removed.
      Returns:
      the excludedActions value.

    • withExcludedActions

      public DenySettings withExcludedActions(List<String> excludedActions)
      Set the excludedActions property: List of role-based management operations that are excluded from the denySettings. Up to 200 actions are permitted. If the denySetting mode is set to 'denyWriteAndDelete', then the following actions are automatically appended to 'excludedActions': '*\/read' and 'Microsoft.Authorization/locks/delete'. If the denySetting mode is set to 'denyDelete', then the following actions are automatically appended to 'excludedActions': 'Microsoft.Authorization/locks/delete'. Duplicate actions will be removed.
      Parameters:
      excludedActions - the excludedActions value to set.
      Returns:
      the DenySettings object itself.

    • applyToChildScopes

      public Boolean applyToChildScopes()
      Get the applyToChildScopes property: DenySettings will be applied to child resource scopes of every managed resource with a deny assignment.
      Returns:
      the applyToChildScopes value.

    • withApplyToChildScopes

      public DenySettings withApplyToChildScopes(Boolean applyToChildScopes)
      Set the applyToChildScopes property: DenySettings will be applied to child resource scopes of every managed resource with a deny assignment.
      Parameters:
      applyToChildScopes - the applyToChildScopes value to set.
      Returns:
      the DenySettings object itself.

    • validate

      public void validate()
      Validates the instance.
      Throws:
      IllegalArgumentException - thrown if the instance is not valid.