From 55c3979124d193ab8cd4c5409a3e9f67739ca571 Mon Sep 17 00:00:00 2001 From: Arvind Krishnaa J Date: Fri, 2 Oct 2020 16:11:49 -0700 Subject: [PATCH] [Data plane][Azure Cognitive Search] Add encryptionKey property to indexer, datasource and skillset metadata (#10839) * Add encryption key to indexer, datasource and skillset metadata in 2020-06-30 API version * Add encryption key to indexer, datasource and skillset metadata in 2020-06-30-preview API version * change indexer description * Fix examples Co-authored-by: Arvind Krishnaa Jagannathan --- .../SearchServiceCreateDataSource.json | 18 ++++++++++++++ .../examples/SearchServiceCreateIndexer.json | 20 +++++++++++++++- ...SearchServiceCreateOrUpdateDataSource.json | 18 ++++++++++++++ .../SearchServiceCreateOrUpdateIndexer.json | 22 +++++++++++++++-- .../SearchServiceCreateOrUpdateSkillset.json | 24 ++++++++++++++++--- .../examples/SearchServiceCreateSkillset.json | 22 +++++++++++++++-- .../examples/SearchServiceGetDataSource.json | 9 +++++++ .../examples/SearchServiceGetIndexer.json | 11 ++++++++- .../examples/SearchServiceGetSkillset.json | 11 ++++++++- .../SearchServiceListDataSources.json | 9 +++++++ .../examples/SearchServiceListIndexers.json | 11 ++++++++- .../examples/SearchServiceListSkillsets.json | 11 ++++++++- .../2020-06-30-Preview/searchservice.json | 24 +++++++++++++++++++ .../SearchServiceCreateDataSource.json | 18 ++++++++++++++ .../examples/SearchServiceCreateIndexer.json | 24 ++++++++++++++++--- ...SearchServiceCreateOrUpdateDataSource.json | 18 ++++++++++++++ .../SearchServiceCreateOrUpdateIndexer.json | 22 +++++++++++++++-- .../SearchServiceCreateOrUpdateSkillset.json | 24 ++++++++++++++++--- .../examples/SearchServiceCreateSkillset.json | 22 +++++++++++++++-- .../examples/SearchServiceGetDataSource.json | 9 +++++++ .../examples/SearchServiceGetIndexer.json | 11 ++++++++- .../examples/SearchServiceGetSkillset.json | 11 ++++++++- .../SearchServiceListDataSources.json | 9 +++++++ .../examples/SearchServiceListIndexers.json | 11 ++++++++- .../examples/SearchServiceListSkillsets.json | 11 ++++++++- .../preview/2020-06-30/searchservice.json | 24 +++++++++++++++++++ 26 files changed, 398 insertions(+), 26 deletions(-) diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateDataSource.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateDataSource.json index a0bc601ee5ea..c0d726305984 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateDataSource.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateDataSource.json @@ -21,6 +21,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": "myapplicationsecret" + } } } }, @@ -45,6 +54,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateIndexer.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateIndexer.json index b1f9576ade36..291cef4b0e2f 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateIndexer.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateIndexer.json @@ -14,6 +14,15 @@ "parameters": { "maxFailedItems": 10, "maxFailedItemsPerBatch": 5 + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": "myapplicationsecret" + } } } }, @@ -33,7 +42,16 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateDataSource.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateDataSource.json index 7e2302b90da9..6f4b6c2a1187 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateDataSource.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateDataSource.json @@ -23,6 +23,12 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } }, @@ -47,6 +53,12 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } }, @@ -70,6 +82,12 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateIndexer.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateIndexer.json index 4b83952c88db..5998c24569ac 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateIndexer.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateIndexer.json @@ -16,6 +16,12 @@ "parameters": { "maxFailedItems": 10, "maxFailedItemsPerBatch": 5 + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } }, @@ -35,7 +41,13 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } }, "201": { @@ -53,7 +65,13 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateSkillset.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateSkillset.json index 8357e13c597c..15352647647d 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateSkillset.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateOrUpdateSkillset.json @@ -109,7 +109,13 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } }, "responses": { @@ -236,7 +242,13 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } }, "201": { @@ -362,7 +374,13 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateSkillset.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateSkillset.json index 5264ef96e53c..2380e1d3c9d0 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateSkillset.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceCreateSkillset.json @@ -109,7 +109,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": "myapplicationsecret" + } + } } }, "responses": { @@ -236,7 +245,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetDataSource.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetDataSource.json index 4fd21c6cd58d..3fafafb07985 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetDataSource.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetDataSource.json @@ -25,6 +25,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetIndexer.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetIndexer.json index 70d220b9442b..898a7db0e17d 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetIndexer.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetIndexer.json @@ -20,7 +20,16 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetSkillset.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetSkillset.json index bd6392af7e5e..b83367e017e6 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetSkillset.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceGetSkillset.json @@ -128,7 +128,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListDataSources.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListDataSources.json index 3730022b8d14..87f3c9bdc657 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListDataSources.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListDataSources.json @@ -27,6 +27,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } } } ] diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListIndexers.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListIndexers.json index b3831b233a9a..72b8f9ccbef6 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListIndexers.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListIndexers.json @@ -58,7 +58,16 @@ } } ], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } ] } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListSkillsets.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListSkillsets.json index 01e212f5eac4..e10b715ef9d0 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListSkillsets.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/examples/SearchServiceListSkillsets.json @@ -130,7 +130,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } ] } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/searchservice.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/searchservice.json index 789da827e4d3..8ce6bde3f9a1 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/searchservice.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30-Preview/searchservice.json @@ -5711,6 +5711,14 @@ "x-ms-client-name": "ETag", "type": "string", "description": "The ETag of the data source." + }, + "encryptionKey": { + "$ref": "#/definitions/SearchResourceEncryptionKey", + "description": "A description of an encryption key that you create in Azure Key Vault. This key is used to provide an additional level of encryption-at-rest for your datasource definition when you want full assurance that no one, not even Microsoft, can decrypt your data source definition in Azure Cognitive Search. Once you have encrypted your data source definition, it will always remain encrypted. Azure Cognitive Search will ignore attempts to set this property to null. You can change this property as needed if you want to rotate your encryption key; Your datasource definition will be unaffected. Encryption with customer-managed keys is not available for free search services, and is only available for paid services created on or after January 1, 2019.", + "externalDocs": { + "url": "https://aka.ms/azure-search-encryption-with-cmk" + }, + "x-nullable": true } }, "required": [ @@ -6139,6 +6147,14 @@ "x-ms-client-name": "ETag", "type": "string", "description": "The ETag of the indexer." + }, + "encryptionKey": { + "$ref": "#/definitions/SearchResourceEncryptionKey", + "description": "A description of an encryption key that you create in Azure Key Vault. This key is used to provide an additional level of encryption-at-rest for your indexer definition (as well as indexer execution status) when you want full assurance that no one, not even Microsoft, can decrypt them in Azure Cognitive Search. Once you have encrypted your indexer definition, it will always remain encrypted. Azure Cognitive Search will ignore attempts to set this property to null. You can change this property as needed if you want to rotate your encryption key; Your indexer definition (and indexer execution status) will be unaffected. Encryption with customer-managed keys is not available for free search services, and is only available for paid services created on or after January 1, 2019.", + "externalDocs": { + "url": "https://aka.ms/azure-search-encryption-with-cmk" + }, + "x-nullable": true } }, "required": [ @@ -7083,6 +7099,14 @@ "x-ms-client-name": "ETag", "type": "string", "description": "The ETag of the skillset." + }, + "encryptionKey": { + "$ref": "#/definitions/SearchResourceEncryptionKey", + "description": "A description of an encryption key that you create in Azure Key Vault. This key is used to provide an additional level of encryption-at-rest for your skillset definition when you want full assurance that no one, not even Microsoft, can decrypt your skillset definition in Azure Cognitive Search. Once you have encrypted your skillset definition, it will always remain encrypted. Azure Cognitive Search will ignore attempts to set this property to null. You can change this property as needed if you want to rotate your encryption key; Your skillset definition will be unaffected. Encryption with customer-managed keys is not available for free search services, and is only available for paid services created on or after January 1, 2019.", + "externalDocs": { + "url": "https://aka.ms/azure-search-encryption-with-cmk" + }, + "x-nullable": true } }, "required": [ diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateDataSource.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateDataSource.json index 75a03fd6a8a2..6cf602cc81c2 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateDataSource.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateDataSource.json @@ -21,6 +21,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": "myapplicationsecret" + } } } }, @@ -45,6 +54,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateIndexer.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateIndexer.json index bc6890a484b7..dde141752872 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateIndexer.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateIndexer.json @@ -4,7 +4,7 @@ "api-version": "2020-06-30", "indexer": { "name": "myindexer", - "description": "a cool indexer", + "description": "an indexer", "dataSourceName": "mydatasource", "targetIndexName": "orders", "schedule": { @@ -14,6 +14,15 @@ "parameters": { "maxFailedItems": 10, "maxFailedItemsPerBatch": 5 + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": "myapplicationsecret" + } } } }, @@ -21,7 +30,7 @@ "201": { "body": { "name": "myindexer", - "description": "a cool indexer", + "description": "an indexer", "dataSourceName": "mydatasource", "targetIndexName": "orders", "schedule": { @@ -33,7 +42,16 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateDataSource.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateDataSource.json index cdb3ff9e4ff1..2fdaf34dd629 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateDataSource.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateDataSource.json @@ -23,6 +23,12 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } }, @@ -47,6 +53,12 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } }, @@ -70,6 +82,12 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateIndexer.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateIndexer.json index b880163531f0..1edaeb8d1e3c 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateIndexer.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateIndexer.json @@ -16,6 +16,12 @@ "parameters": { "maxFailedItems": 10, "maxFailedItemsPerBatch": 5 + }, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null } } }, @@ -35,7 +41,13 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } }, "201": { @@ -53,7 +65,13 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateSkillset.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateSkillset.json index 6878a7d28b76..3df98f280f43 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateSkillset.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateOrUpdateSkillset.json @@ -109,7 +109,13 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } }, "responses": { @@ -236,7 +242,13 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } }, "201": { @@ -362,7 +374,13 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateSkillset.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateSkillset.json index e94fdced936e..0508a00df3f7 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateSkillset.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceCreateSkillset.json @@ -109,7 +109,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": "myapplicationsecret" + } + } } }, "responses": { @@ -236,7 +245,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myUserManagedEncryptionKey-createdinAzureKeyVault", + "keyVaultKeyVersion": "myKeyVersion-32charAlphaNumericString", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetDataSource.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetDataSource.json index 73b5e16e2c41..74d91858b762 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetDataSource.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetDataSource.json @@ -25,6 +25,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetIndexer.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetIndexer.json index 687f23d7fb70..1f74129f1d48 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetIndexer.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetIndexer.json @@ -20,7 +20,16 @@ "maxFailedItemsPerBatch": 5 }, "fieldMappings": [], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetSkillset.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetSkillset.json index f09a426ffbc4..4747247dcb24 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetSkillset.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceGetSkillset.json @@ -128,7 +128,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } } } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListDataSources.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListDataSources.json index 51e07eeb9750..2f9638ef6f29 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListDataSources.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListDataSources.json @@ -27,6 +27,15 @@ "@odata.type": "#Microsoft.Azure.Search.SoftDeleteColumnDeletionDetectionPolicy", "softDeleteColumnName": "isDeleted", "softDeleteMarkerValue": "true" + }, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } } } ] diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListIndexers.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListIndexers.json index 6ceef86d3a41..08c000587dd4 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListIndexers.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListIndexers.json @@ -58,7 +58,16 @@ } } ], - "disabled": false + "disabled": false, + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } ] } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListSkillsets.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListSkillsets.json index f9050db649bb..e90e798bd04a 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListSkillsets.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/examples/SearchServiceListSkillsets.json @@ -130,7 +130,16 @@ ], "httpHeaders": {} } - ] + ], + "encryptionKey": { + "keyVaultKeyName": "myKeyName", + "keyVaultKeyVersion": "myKeyVersion", + "keyVaultUri": "https://myKeyVault.vault.azure.net", + "accessCredentials": { + "applicationId": "00000000-0000-0000-0000-000000000000", + "applicationSecret": null + } + } } ] } diff --git a/specification/search/data-plane/Azure.Search/preview/2020-06-30/searchservice.json b/specification/search/data-plane/Azure.Search/preview/2020-06-30/searchservice.json index 34c226b5f8e0..54fe4d8b460b 100644 --- a/specification/search/data-plane/Azure.Search/preview/2020-06-30/searchservice.json +++ b/specification/search/data-plane/Azure.Search/preview/2020-06-30/searchservice.json @@ -5711,6 +5711,14 @@ "x-ms-client-name": "ETag", "type": "string", "description": "The ETag of the data source." + }, + "encryptionKey": { + "$ref": "#/definitions/SearchResourceEncryptionKey", + "description": "A description of an encryption key that you create in Azure Key Vault. This key is used to provide an additional level of encryption-at-rest for your datasource definition when you want full assurance that no one, not even Microsoft, can decrypt your data source definition in Azure Cognitive Search. Once you have encrypted your data source definition, it will always remain encrypted. Azure Cognitive Search will ignore attempts to set this property to null. You can change this property as needed if you want to rotate your encryption key; Your datasource definition will be unaffected. Encryption with customer-managed keys is not available for free search services, and is only available for paid services created on or after January 1, 2019.", + "externalDocs": { + "url": "https://aka.ms/azure-search-encryption-with-cmk" + }, + "x-nullable": true } }, "required": [ @@ -6139,6 +6147,14 @@ "x-ms-client-name": "ETag", "type": "string", "description": "The ETag of the indexer." + }, + "encryptionKey": { + "$ref": "#/definitions/SearchResourceEncryptionKey", + "description": "A description of an encryption key that you create in Azure Key Vault. This key is used to provide an additional level of encryption-at-rest for your indexer definition (as well as indexer execution status) when you want full assurance that no one, not even Microsoft, can decrypt them in Azure Cognitive Search. Once you have encrypted your indexer definition, it will always remain encrypted. Azure Cognitive Search will ignore attempts to set this property to null. You can change this property as needed if you want to rotate your encryption key; Your indexer definition (and indexer execution status) will be unaffected. Encryption with customer-managed keys is not available for free search services, and is only available for paid services created on or after January 1, 2019.", + "externalDocs": { + "url": "https://aka.ms/azure-search-encryption-with-cmk" + }, + "x-nullable": true } }, "required": [ @@ -7083,6 +7099,14 @@ "x-ms-client-name": "ETag", "type": "string", "description": "The ETag of the skillset." + }, + "encryptionKey": { + "$ref": "#/definitions/SearchResourceEncryptionKey", + "description": "A description of an encryption key that you create in Azure Key Vault. This key is used to provide an additional level of encryption-at-rest for your skillset definition when you want full assurance that no one, not even Microsoft, can decrypt your skillset definition in Azure Cognitive Search. Once you have encrypted your skillset definition, it will always remain encrypted. Azure Cognitive Search will ignore attempts to set this property to null. You can change this property as needed if you want to rotate your encryption key; Your skillset definition will be unaffected. Encryption with customer-managed keys is not available for free search services, and is only available for paid services created on or after January 1, 2019.", + "externalDocs": { + "url": "https://aka.ms/azure-search-encryption-with-cmk" + }, + "x-nullable": true } }, "required": [