Add keyVaultNetworkAccess and keyVaultResourceId into securityProfile.azureKeyVaultKms to support key vault with private link #19086

Merged
Changes from 1 commit

Expand Up @@ -6059,6 +6059,24 @@
"keyId": {
"type": "string",
"description": "Identifier of Azure Key Vault key. See [key identifier format](https://docs.microsoft.com/en-us/azure/key-vault/general/about-keys-secrets-certificates#vault-name-and-object-name) for more details. When Azure Key Vault key management service is enabled, this field is required and must be a valid key identifier. When Azure Key Vault key management service is disabled, leave the field empty."
},
"keyVaultNetworkAccess": {
"type": "string",
"enum": [
"Public",
"Private"
],
"default": "Public",
"x-ms-enum": {
"name": "KeyVaultNetworkAccess",
Member

Better to distinguish it from the property name. Maybe something like KeyVaultNetworkAccessTypes.

Member Author

Sure. What's the purpose of "x-ms-enum"?

Member

See details of "x-ms-enum".

One example would be the following snippet from the Python SDK; the name in x-ms-enum would be the class name.

```python
class TrustedAccessRoleBindingProvisioningState(with_metaclass(CaseInsensitiveEnumMeta, str, Enum)):
    """The current provisioning state of trusted access role binding.
    """

    SUCCEEDED = "Succeeded"
    FAILED = "Failed"
    UPDATING = "Updating"
    DELETING = "Deleting"
```

"modelAsString": true
},
"title": "Network access of the key vault",
"description": "network access of key vault. The possible values are `Public` and `Private`. `Public` means the key vault allows public access from all networks. `Private` means the key vault disables public access and enables private link. The default value is `Public`."
Member

Capitalize network access ...?

},
"keyVaultResourceId": {
"type": "string",
"description": "Resource ID of key vault. When keyVaultNetworkAccess is Private, this field is required and must be a valid resource ID. When keyVaultNetworkAccess is Public, leave the field empty."
Member

Also use `` to mark the value of keyVaultNetworkAccess?

}
},
"description": "Azure Key Vault key management service settings for the security profile."
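Review bot: The `keyVaultResourceId` description does not say that the resource ID must refer to the same vault that holds the key named by `keyId`, so the contract leaves open what happens when a caller supplies a `keyId` in one vault and a `keyVaultResourceId` for another. Suggest adding a sentence to the description stating that it must be the resource ID of the key vault containing `keyId`. Separately, the rule "When keyVaultNetworkAccess is Private, this field is required" exists only as description text in this hunk, with nothing in the schema expressing it, so it is worth noting in the description what the caller should expect if `Private` is set and `keyVaultResourceId` is left empty.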