exec.azurerm.resource.management_lock¶
Azure Resource Manager (ARM) Management Lock Execution Module
New in version 1.0.0.
maintainer: | |
---|---|
configuration: | This module requires Azure Resource Manager credentials to be passed as keyword arguments to every function or via acct in order to work properly. Required provider parameters:
Optional provider parameters: cloud_environment: Used to point the cloud driver to different API endpoints, such as Azure GovCloud. Possible values:
|
-
idem_azurerm.exec.azurerm.resource.management_lock.
create_or_update_at_resource_group_level
(hub, ctx, name, resource_group, lock_level, notes=None, owners=None, **kwargs)¶ New in version 1.0.0.
Creates or updates a management lock at the resource group level. When you apply a lock at a parent scope, all child resources inherit the same lock. To create management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock. The lock name can be a maximum of 260 characters. It cannot contain <, > %, &, :, ?, /, or any control characters.
- resource_group – The name of the resource group.
- lock_level – The level of the lock. Possible values are: ‘NotSpecified’, ‘CanNotDelete’, & ‘ReadOnly’. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can’t modify or delete it.
- notes – An optional string representing notes about the lock. Maximum of 512 characters.
- owners – An optional list of strings representing owners of the lock. Each string represents the application id of the lock owner.
CLI Example:
azurerm.resource.management_lock.create_or_update_at_resource_group_level test_name test_group test_level
-
idem_azurerm.exec.azurerm.resource.management_lock.
create_or_update_at_resource_level
(hub, ctx, name, lock_level, resource_group, resource, resource_type, resource_provider_namespace, parent_resource_path=None, notes=None, owners=None, **kwargs)¶ New in version 1.0.0.
Creates or updates a management lock at the resource level or any level below the resource. When you apply a lock at a parent scope, all child resources inherit the same lock. To create management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock. The lock name can be a maximum of 260 characters. It cannot contain <, > %, &, :, ?, /, or any control characters.
- lock_level – The level of the lock. Possible values are: ‘NotSpecified’, ‘CanNotDelete’, & ‘ReadOnly’. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can’t modify or delete it.
- resource_group – The name of the resource group containing the resource to lock.
- resource – The name of the resource to lock.
- resource_type – The resource type of the resource to lock.
- resource_provider_namespace – The resource provider namespace of the resource to lock.
- parent_resource_path – The parent resource identity.
- notes – An optional string representing notes about the lock. Maximum of 512 characters.
- owners – An optional list of strings representing owners of the lock. Each string represents the application id of the lock owner.
CLI Example:
azurerm.resource.management_lock.create_or_update_at_resource_level test_name test_level test_group test_resource test_type test_namespace
-
idem_azurerm.exec.azurerm.resource.management_lock.
create_or_update_at_subscription_level
(hub, ctx, name, lock_level, notes=None, owners=None, **kwargs)¶ New in version 1.0.0.
Creates or updates a management lock at the subscription level. When you apply a lock at a parent scope, all child resources inherit the same lock. To create management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock. The lock name can be a maximum of 260 characters. It cannot contain <, > %, &, :, ?, /, or any control characters.
- lock_level – The level of the lock. Possible values are: ‘NotSpecified’, ‘CanNotDelete’, & ‘ReadOnly’. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can’t modify or delete it.
- notes – An optional string representing notes about the lock. Maximum of 512 characters.
- owners – An optional list of strings representing owners of the lock. Each string represents the application id of the lock owner.
CLI Example:
azurerm.resource.management_lock.create_or_update_at_subscription_level test_name test_level
-
idem_azurerm.exec.azurerm.resource.management_lock.
create_or_update_by_scope
(hub, ctx, name, scope, lock_level, notes=None, owners=None, **kwargs)¶ New in version 1.0.0.
Create or update a management lock by scope. When you apply a lock at a parent scope, all child resources inherit the same lock. To create management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock. The lock name can be a maximum of 260 characters. It cannot contain <, > %, &, :, ?, /, or any control characters.
- scope – The scope for the lock. When providing a scope for the assignment, use ‘/subscriptions/{subscriptionId}’ for subscriptions, ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}’ for resource groups, and ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePathIfPresent}/{resourceType}/{resourceName}’ for resources.
- lock_level – The level of the lock. Possible values are: ‘NotSpecified’, ‘CanNotDelete’, & ‘ReadOnly’. CanNotDelete means authorized users are able to read and modify the resources, but not delete. ReadOnly means authorized users can only read from a resource, but they can’t modify or delete it.
- notes – An optional string representing notes about the lock. Maximum of 512 characters.
- owners – An optional list of strings representing owners of the lock. Each string represents the application id of the lock owner.
CLI Example:
azurerm.resource.management_lock.create_or_update_by_scope test_name test_scope test_level
-
idem_azurerm.exec.azurerm.resource.management_lock.
delete_at_resource_group_level
(hub, ctx, name, resource_group, **kwargs)¶ New in version 1.0.0.
Deletes a management lock at the resource group level. To delete management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock to be deleted.
- resource_group – The name of the resource group.
CLI Example:
azurerm.resource.management_lock.delete_at_resource_group_level test_name test_group
-
idem_azurerm.exec.azurerm.resource.management_lock.
delete_at_resource_level
(hub, ctx, name, resource_group, resource, resource_type, resource_provider_namespace, parent_resource_path=None, **kwargs)¶ New in version 1.0.0.
Deletes the management lock of a resource or any level below the resource. When you apply a lock at a parent scope, all child resources inherit the same lock. To delete management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock to delete.
- resource_group – The name of the resource group containing the resource with the lock to delete.
- resource – The name of the resource with the lock to delete.
- resource_type – The resource type of the resource with the lock to delete.
- resource_provider_namespace – The resource provider namespace of the resource with the lock to delete.
- parent_resource_path – The parent resource identity.
CLI Example:
azurerm.resource.management_lock.delete_at_resource_level test_name test_group test_resource test_type test_namespace
-
idem_azurerm.exec.azurerm.resource.management_lock.
delete_at_subscription_level
(hub, ctx, name, **kwargs)¶ New in version 1.0.0.
Deletes the management lock at the subscription level. To delete management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: name – The name of the lock to be deleted. CLI Example:
azurerm.resource.management_lock.delete_at_subscription_level test_name
-
idem_azurerm.exec.azurerm.resource.management_lock.
delete_by_scope
(hub, ctx, name, scope, **kwargs)¶ New in version 1.0.0.
Delete a management lock by scope. To delete management locks, you must have access to Microsoft.Authorization/* or Microsoft.Authorization/locks/* actions.
Parameters: - name – The name of the lock to be deleted.
- scope – The scope for the lock. When providing a scope for the assignment, use ‘/subscriptions/{subscriptionId}’ for subscriptions, ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}’ for resource groups, and ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePathIfPresent}/{resourceType}/{resourceName}’ for resources.
CLI Example:
azurerm.resource.management_lock.delete_by_scope test_name test_scope
-
idem_azurerm.exec.azurerm.resource.management_lock.
get_at_resource_group_level
(hub, ctx, name, resource_group, **kwargs)¶ New in version 1.0.0.
Gets a management lock at the resource group level.
Parameters: - name – The name of the lock to get.
- resource_group – The name of the resource group.
CLI Example:
azurerm.resource.management_lock.get_at_resource_group_level test_name test_group
-
idem_azurerm.exec.azurerm.resource.management_lock.
get_at_resource_level
(hub, ctx, name, resource_group, resource, resource_type, resource_provider_namespace, parent_resource_path=None, **kwargs)¶ New in version 1.0.0.
Get the management lock of a resource or any level below resource.
Parameters: - name – The name of the lock.
- resource_group – The name of the resource group.
- resource – The name of the resource.
- resource_type – The type of the resource.
- resource_provider_namespace – The namespace of the resource provider.
- parent_resource_path – The parent resource identity.
CLI Example:
azurerm.resource.management_lock.get_at_resource_level test_name test_group test_resource test_type test_namespace
-
idem_azurerm.exec.azurerm.resource.management_lock.
get_at_subscription_level
(hub, ctx, name, **kwargs)¶ New in version 1.0.0.
Gets a management lock at the subscription level.
Parameters: name – The name of the lock to get. CLI Example:
azurerm.resource.management_lock.get_at_subscription_level test_name
-
idem_azurerm.exec.azurerm.resource.management_lock.
get_by_scope
(hub, ctx, name, scope, **kwargs)¶ New in version 1.0.0.
Get a management lock by scope.
Parameters: - name – The name of the lock to get.
- scope – The scope for the lock. When providing a scope for the assignment, use ‘/subscriptions/{subscriptionId}’ for subscriptions, ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}’ for resource groups, and ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePathIfPresent}/{resourceType}/{resourceName}’ for resources.
CLI Example:
azurerm.resource.management_lock.get_by_scope test_name test_scope
-
idem_azurerm.exec.azurerm.resource.management_lock.
list_at_resource_group_level
(hub, ctx, resource_group, **kwargs)¶ New in version 1.0.0.
Gets all the management locks for a resource group.
Parameters: resource_group – The name of the resource group containing the locks to get. CLI Example:
azurerm.resource.management_lock.list_at_resource_group_level test_group
-
idem_azurerm.exec.azurerm.resource.management_lock.
list_at_resource_level
(hub, ctx, resource_group, resource, resource_type, resource_provider_namespace, parent_resource_path=None, **kwargs)¶ New in version 1.0.0.
Get the management lock of a resource or any level below resource.
Parameters: - resource_group – The name of the resource group.
- resource – The name of the resource.
- resource_type – The type of the resource.
- resource_provider_namespace – The namespace of the resource provider.
- parent_resource_path – The parent resource identity.
CLI Example:
azurerm.resource.management_lock.list_at_resource_level test_group test_resource test_type test_namespace
-
idem_azurerm.exec.azurerm.resource.management_lock.
list_at_subscription_level
(hub, ctx, **kwargs)¶ New in version 1.0.0.
Gets all the management locks for a subscription.
CLI Example:
azurerm.resource.management_lock.list_at_subscription_level
-
idem_azurerm.exec.azurerm.resource.management_lock.
list_by_scope
(hub, ctx, scope, **kwargs)¶ New in version 1.0.0.
Gets all the management locks for a scope.
Parameters: scope – The scope for the lock. When providing a scope for the assignment, use ‘/subscriptions/{subscriptionId}’ for subscriptions, ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}’ for resource groups, and ‘/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{parentResourcePathIfPresent}/{resourceType}/{resourceName}’ for resources. CLI Example:
azurerm.resource.management_lock.list_by_scope test_scope