Welcome to the Microsoft Q&A forum. As configuring Bastion for Kerberos authentication is currently in public preview the Kerberos setting for Azure Bastion can be configured in the Azure portal only. This is currently documented here in consideration section.
If it helps you can assign RBAC roles to the users denying them access in enabling this feature. Additional reference: https://video2.skills-academy.com/en-us/azure/bastion/bastion-faq#roles Hope this helps! Please let me know if you have any additional questions.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.