I am trying to lock down our build and deployment configuration to production to only allow build administrators access to do this. I thought what I'd do is Deny Contributors and My Team queue build access.
I am a part of the contributors group as well, however when I tried to kick off this build it is saying access is denied.
What might I be doing wrong so that I can build and deploy to production with the build administrators group by denying constributors this ability?
Explicit deny permissions take precedence over all other explicitly or implicitly set permissions.
If you want to deny all users access to something by default, clear any explicit allows so that the permission is "Not Set". "Not Set" is an implicit deny. Then, you can add explicit "Allow" permissions as necessary for the users or groups you want to have access.